nessus
via4
|
NASL family | Windows | NASL id | ITUNES_12_6_2.NASL | description | The version of Apple iTunes installed on the remote Windows host is
prior to 12.6.2. It is, therefore, affected by multiple
vulnerabilities :
- Multiple out-of-bounds read errors exist in the libxml2
component due to improper handling of specially crafted
XML documents. An unauthenticated, remote attacker can
exploit these to disclose user information.
(CVE-2017-7010, CVE-2017-7013)
- Multiple memory corruption issues exist in the Webkit
Web Inspector component due to improper validation of
user-supplied input. An unauthenticated, remote attacker
can exploit these, via a specially crafted web page, to
corrupt memory, resulting in the execution of arbitrary
code. (CVE-2017-7012)
- Multiple memory corruption issues exist in the WebKit
component due to improper validation of input. An
unauthenticated, remote attacker can exploit these
issues, via a specially crafted web page, to execute
arbitrary code. (CVE-2017-7018, CVE-2017-7020,
CVE-2017-7030, CVE-2017-7034, CVE-2017-7037,
CVE-2017-7039, CVE-2017-7040, CVE-2017-7041,
CVE-2017-7042, CVE-2017-7043, CVE-2017-7046,
CVE-2017-7048, CVE-2017-7049, CVE-2017-7052,
CVE-2017-7055, CVE-2017-7056, CVE-2017-7061)
- A memory corruption issue exists in the 'WebKit Page
Loading' component due to improper validation of input.
An unauthenticated, remote attacker can exploit this,
via a specially crafted web page, to execute arbitrary
code. (CVE-2017-7019)
- A flaw exists in the iPodService component when handling
the iPodManager COM control due to insufficient access
restrictions. A local attacker can exploit this to
execute arbitrary code with system privileges.
(CVE-2017-7053)
- An unspecified memory initialization issue exists in
Webkit. A local attacker can exploit this, via a
specially crafted application, to disclose the contents
of restricted memory. (CVE-2017-7064)
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number. | last seen | 2019-01-16 | modified | 2018-07-12 | plugin id | 101954 | published | 2017-07-25 | reporter | Tenable | source | https://www.tenable.com/plugins/index.php?view=single&id=101954 | title | Apple iTunes < 12.6.2 Multiple Vulnerabilities (credentialed check) |
NASL family | MacOS X Local Security Checks | NASL id | MACOS_ITUNES_12_6_2.NASL | description | The version of Apple iTunes installed on the remote macOS or Mac OS X
host is prior to 12.6.2. It is, therefore, affected by multiple
vulnerabilities :
- Multiple out-of-bounds read errors exist in the libxml2
component due to improper handling of specially crafted
XML documents. An unauthenticated, remote attacker can
exploit these to disclose user information.
(CVE-2017-7010, CVE-2017-7013)
- Multiple memory corruption issues exist in the Webkit
Web Inspector component due to improper validation of
user-supplied input. An unauthenticated, remote attacker
can exploit these, via a specially crafted web page, to
corrupt memory, resulting in the execution of arbitrary
code. (CVE-2017-7012)
- Multiple memory corruption issues exist in the WebKit
component due to improper validation of input. An
unauthenticated, remote attacker can exploit these
issues, via a specially crafted web page, to execute
arbitrary code. (CVE-2017-7018, CVE-2017-7020,
CVE-2017-7030, CVE-2017-7034, CVE-2017-7037,
CVE-2017-7039, CVE-2017-7040, CVE-2017-7041,
CVE-2017-7042, CVE-2017-7043, CVE-2017-7046,
CVE-2017-7048, CVE-2017-7049, CVE-2017-7052,
CVE-2017-7055, CVE-2017-7056, CVE-2017-7061)
- A memory corruption issue exists in the 'WebKit Page
Loading' component due to improper validation of input.
An unauthenticated, remote attacker can exploit this,
via a specially crafted web page, to execute arbitrary
code. (CVE-2017-7019)
- A flaw exists in the iPodService component when handling
the iPodManager COM control due to insufficient access
restrictions. A local attacker can exploit this to
execute arbitrary code with system privileges.
(CVE-2017-7053)
- An unspecified memory initialization issue exists in
Webkit. A local attacker can exploit this, via a
specially crafted application, to disclose the contents
of restricted memory. (CVE-2017-7064)
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number. | last seen | 2019-01-16 | modified | 2018-07-14 | plugin id | 101956 | published | 2017-07-25 | reporter | Tenable | source | https://www.tenable.com/plugins/index.php?view=single&id=101956 | title | Apple iTunes < 12.6.2 Multiple Vulnerabilities (macOS) (credentialed check) |
NASL family | MacOS X Local Security Checks | NASL id | MACOSX_SAFARI10_1_2.NASL | description | The version of Apple Safari installed on the remote macOS or Mac OS X
host is prior to 10.1.2. It is, therefore, affected by multiple
vulnerabilities :
- An information disclosure vulnerability exists in the
WebKit component due to improper handling of SVG filters.
An unauthenticated, remote attacker can exploit this,
via a timing side-channel attack, to disclose sensitive
cross-domain information. (CVE-2017-7006)
- An unspecified flaw exists that allows an
unauthenticated, remote attacker to spoof the address
bar via a specially crafted website. (CVE-2017-7011)
- Multiple memory corruption issues exists in the 'WebKit
Web Inspector' component due to improper validation of
input. An unauthenticated, remote attacker can exploit
these issues, via a specially crafted web page, to
execute arbitrary code. (CVE-2017-7012)
- Multiple memory corruption issues exist in the WebKit
component due to improper validation of input. An
unauthenticated, remote attacker can exploit these
issues, via a specially crafted web page, to execute
arbitrary code. (CVE-2017-7018, CVE-2017-7020,
CVE-2017-7030, CVE-2017-7034, CVE-2017-7037,
CVE-2017-7039, CVE-2017-7040, CVE-2017-7041,
CVE-2017-7042, CVE-2017-7043, CVE-2017-7046,
CVE-2017-7048, CVE-2017-7049, CVE-2017-7052,
CVE-2017-7055, CVE-2017-7056, CVE-2017-7061)
- A memory corruption issue exists in the 'WebKit Page
Loading' component due to improper validation of input.
An unauthenticated, remote attacker can exploit this,
via a specially crafted web page, to execute arbitrary
code. (CVE-2017-7019)
- Multiple cross-site scripting (XSS) vulnerabilities
exist in the WebKit component in the DOMParser due to
improper validation of user-supplied input before
returning it to users. An unauthenticated, remote
attacker can exploit these issue, via a specially
crafted URL, to execute arbitrary script code in a
user's browser session. (CVE-2017-7038, CVE-2017-7059)
- A denial of service vulnerability exists in the Safari
Printing component. An unauthenticated, remote attacker
can exploit this, via a specially crafted web page, to
create an infinite number of print dialogs.
(CVE-2017-7060)
- An unspecified memory initialization flaw exists in
WebKit. A local attacker can exploit this, via a
specially crafted application, to disclose restricted
memory. (CVE-2017-7064) | last seen | 2019-01-16 | modified | 2018-07-14 | plugin id | 101931 | published | 2017-07-24 | reporter | Tenable | source | https://www.tenable.com/plugins/index.php?view=single&id=101931 | title | macOS : Apple Safari < 10.1.2 Multiple Vulnerabilities |
NASL family | Gentoo Local Security Checks | NASL id | GENTOO_GLSA-201710-14.NASL | description | The remote host is affected by the vulnerability described in GLSA-201710-14
(WebKitGTK+: Multiple Vulnerabilities)
Multiple vulnerabilities have been discovered in WebkitGTK+. Please
review the references below for details.
Impact :
A remote attacker could execute arbitrary code, cause a Denial of
Service condition, bypass intended memory-read restrictions, conduct a
timing side-channel attack to bypass the Same Origin Policy, obtain
sensitive information, or spoof the address bar.
Workaround :
There is no known workaround at this time. | last seen | 2019-01-16 | modified | 2018-01-26 | plugin id | 103849 | published | 2017-10-16 | reporter | Tenable | source | https://www.tenable.com/plugins/index.php?view=single&id=103849 | title | GLSA-201710-14 : WebKitGTK+: Multiple Vulnerabilities |
NASL family | FreeBSD Local Security Checks | NASL id | FREEBSD_PKG_0F66B901715C11E7AD1FBCAEC565249C.NASL | description | The Webkit gtk team reports :
Please reference CVE/URL list for details | last seen | 2018-11-13 | modified | 2018-11-10 | plugin id | 101966 | published | 2017-07-26 | reporter | Tenable | source | https://www.tenable.com/plugins/index.php?view=single&id=101966 | title | FreeBSD : webkit2-gtk3 -- multiple vulnerabilities (0f66b901-715c-11e7-ad1f-bcaec565249c) |
NASL family | Peer-To-Peer File Sharing | NASL id | ITUNES_12_6_2_BANNER.NASL | description | The version of Apple iTunes running on the remote host is prior to
12.6.2. It is, therefore, affected by multiple vulnerabilities :
- Multiple out-of-bounds read errors exist in the libxml2
component due to improper handling of specially crafted
XML documents. An unauthenticated, remote attacker can
exploit these to disclose user information.
(CVE-2017-7010, CVE-2017-7013)
- Multiple memory corruption issues exist in the Webkit
Web Inspector component due to improper validation of
user-supplied input. An unauthenticated, remote attacker
can exploit these, via a specially crafted web page, to
corrupt memory, resulting in the execution of arbitrary
code. (CVE-2017-7012)
- Multiple memory corruption issues exist in the WebKit
component due to improper validation of input. An
unauthenticated, remote attacker can exploit these
issues, via a specially crafted web page, to execute
arbitrary code. (CVE-2017-7018, CVE-2017-7020,
CVE-2017-7030, CVE-2017-7034, CVE-2017-7037,
CVE-2017-7039, CVE-2017-7040, CVE-2017-7041,
CVE-2017-7042, CVE-2017-7043, CVE-2017-7046,
CVE-2017-7048, CVE-2017-7049, CVE-2017-7052,
CVE-2017-7055, CVE-2017-7056, CVE-2017-7061)
- A memory corruption issue exists in the 'WebKit Page
Loading' component due to improper validation of input.
An unauthenticated, remote attacker can exploit this,
via a specially crafted web page, to execute arbitrary
code. (CVE-2017-7019)
- A flaw exists in the iPodService component when handling
the iPodManager COM control due to insufficient access
restrictions. A local attacker can exploit this, via
a specially crafted application, to execute arbitrary
code with system privileges. (CVE-2017-7053)
- An unspecified memory initialization issue exists in
Webkit. A local attacker can exploit this, via a
specially crafted application, to disclose the contents
of restricted memory. (CVE-2017-7064)
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number. | last seen | 2019-01-16 | modified | 2018-07-12 | plugin id | 101955 | published | 2017-07-25 | reporter | Tenable | source | https://www.tenable.com/plugins/index.php?view=single&id=101955 | title | Apple iTunes < 12.6.2 Multiple Vulnerabilities (uncredentialed check) |
NASL family | SuSE Local Security Checks | NASL id | OPENSUSE-2018-118.NASL | description | This update for webkit2gtk3 fixes the following issues :
Update to version 2.18.5 :
+ Disable SharedArrayBuffers from Web API.
+ Reduce the precision of 'high' resolution time to 1ms.
+ bsc#1075419 - Security fixes: includes improvements to
mitigate the effects of Spectre and Meltdown
(CVE-2017-5753 and CVE-2017-5715).
Update to version 2.18.4 :
+ Make WebDriver implementation more spec compliant.
+ Fix a bug when trying to remove cookies before a web
process is spawned.
+ WebKitWebDriver process no longer links to
libjavascriptcoregtk.
+ Fix several memory leaks in GStreamer media backend.
+ bsc#1073654 - Security fixes: CVE-2017-13866,
CVE-2017-13870, CVE-2017-7156, CVE-2017-13856.
Update to version 2.18.3 :
+ Improve calculation of font metrics to prevent
scrollbars from being shown unnecessarily in some cases.
+ Fix handling of null capabilities in WebDriver
implementation.
+ Security fixes: CVE-2017-13798, CVE-2017-13788,
CVE-2017-13803.
Update to version 2.18.2 :
+ Fix rendering of arabic text.
+ Fix a crash in the web process when decoding GIF images.
+ Fix rendering of wind in Windy.com.
+ Fix several crashes and rendering issues.
Update to version 2.18.1 :
+ Improve performance of GIF animations.
+ Fix garbled display in GMail.
+ Fix rendering of several material design icons when
using the web font.
+ Fix flickering when resizing the window in Wayland.
+ Prevent default kerberos authentication credentials from
being used in ephemeral sessions.
+ Fix a crash when webkit_web_resource_get_data() is
cancelled.
+ Correctly handle touchmove and touchend events in
WebKitWebView.
+ Fix the build with enchant 2.1.1.
+ Fix the build in HPPA and Alpha.
+ Fix several crashes and rendering issues.
+ Security fixes: CVE-2017-7081, CVE-2017-7087,
CVE-2017-7089, CVE-2017-7090, CVE-2017-7091,
CVE-2017-7092, CVE-2017-7093, CVE-2017-7094,
CVE-2017-7095, CVE-2017-7096, CVE-2017-7098,
CVE-2017-7099, CVE-2017-7100, CVE-2017-7102,
CVE-2017-7104, CVE-2017-7107, CVE-2017-7109,
CVE-2017-7111, CVE-2017-7117, CVE-2017-7120,
CVE-2017-7142.
- Enable gold linker on s390/s390x on SLE15/Tumbleweed.
This update was imported from the SUSE:SLE-12-SP2:Update update
project. | last seen | 2019-01-16 | modified | 2018-05-25 | plugin id | 106549 | published | 2018-02-01 | reporter | Tenable | source | https://www.tenable.com/plugins/index.php?view=single&id=106549 | title | openSUSE Security Update : webkit2gtk3 (openSUSE-2018-118) (Meltdown) (Spectre) |
NASL family | SuSE Local Security Checks | NASL id | SUSE_SU-2018-0219-1.NASL | description | This update for webkit2gtk3 fixes the following issues: Update to
version 2.18.5 :
+ Disable SharedArrayBuffers from Web API.
+ Reduce the precision of 'high' resolution time to 1ms.
+ bsc#1075419 - Security fixes: includes improvements to
mitigate the effects of Spectre and Meltdown
(CVE-2017-5753 and CVE-2017-5715). Update to version
2.18.4 :
+ Make WebDriver implementation more spec compliant.
+ Fix a bug when trying to remove cookies before a web
process is spawned.
+ WebKitWebDriver process no longer links to
libjavascriptcoregtk.
+ Fix several memory leaks in GStreamer media backend.
+ bsc#1073654 - Security fixes: CVE-2017-13866,
CVE-2017-13870, CVE-2017-7156, CVE-2017-13856. Update to
version 2.18.3 :
+ Improve calculation of font metrics to prevent
scrollbars from being shown unnecessarily in some cases.
+ Fix handling of null capabilities in WebDriver
implementation.
+ Security fixes: CVE-2017-13798, CVE-2017-13788,
CVE-2017-13803. Update to version 2.18.2 :
+ Fix rendering of arabic text.
+ Fix a crash in the web process when decoding GIF images.
+ Fix rendering of wind in Windy.com.
+ Fix several crashes and rendering issues. Update to
version 2.18.1 :
+ Improve performance of GIF animations.
+ Fix garbled display in GMail.
+ Fix rendering of several material design icons when
using the web font.
+ Fix flickering when resizing the window in Wayland.
+ Prevent default kerberos authentication credentials from
being used in ephemeral sessions.
+ Fix a crash when webkit_web_resource_get_data() is
cancelled.
+ Correctly handle touchmove and touchend events in
WebKitWebView.
+ Fix the build with enchant 2.1.1.
+ Fix the build in HPPA and Alpha.
+ Fix several crashes and rendering issues.
+ Security fixes: CVE-2017-7081, CVE-2017-7087,
CVE-2017-7089, CVE-2017-7090, CVE-2017-7091,
CVE-2017-7092, CVE-2017-7093, CVE-2017-7094,
CVE-2017-7095, CVE-2017-7096, CVE-2017-7098,
CVE-2017-7099, CVE-2017-7100, CVE-2017-7102,
CVE-2017-7104, CVE-2017-7107, CVE-2017-7109,
CVE-2017-7111, CVE-2017-7117, CVE-2017-7120,
CVE-2017-7142.
- Enable gold linker on s390/s390x on SLE15/Tumbleweed.
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues. | last seen | 2019-01-16 | modified | 2018-12-01 | plugin id | 106370 | published | 2018-01-26 | reporter | Tenable | source | https://www.tenable.com/plugins/index.php?view=single&id=106370 | title | SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2018:0219-1) (Meltdown) (Spectre) |
|