var-201704-0725
Vulnerability from variot
An issue was discovered in certain Apple products. Pages before 6.1, Numbers before 4.1, and Keynote before 7.1 on macOS and Pages before 3.1, Numbers before 3.1, and Keynote before 3.1 on iOS are affected. The issue involves the "Export" component. It allows users to bypass iWork PDF password protection by leveraging use of 40-bit RC4. Apple iOS/Mac is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may lead to further attacks. Both Apple iOS and Mac are products of the American company Apple (Apple). The former is an operating system developed for mobile devices, while the latter is a computer product. Pages is one of the applications that provides word processing and page layout; Numbers is one of the electronic form applications; Keynote is one of the presentation applications. Attackers can exploit this vulnerability to disclose the content of password-protected PDFs. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2017-03-27-1 Pages 6.1, Numbers 4.1, and Keynote 7.1 for Mac; Pages 3.1, Numbers 3.1, and Keynote 3.1 for iOS are now available and address the following:
Export Available for: macOS 10.12 Sierra or later, iOS 10 or later Impact: The contents of password-protected PDFs exported from iWork may be exposed Description: iWork used weak 40-bit RC4 encryption for password- protected PDF exports.
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJY2VkhAAoJEIOj74w0bLRGtMYQAMixdDDlyh/wWcT8bTLSekBU 6CqKrmus7LmaKyaqSjpzTlh4P40fLjpiPEukBzSerLeHlSBZ2mOpGcpXcC5evRDG GVJe5J7DeJyfk0Asta+9sgX/YAms9VcqZS9AxAVA7LeP1yspxAej6FMyP+vnvK6c y4SAzxlAZLjzMORaXnn/erp9SAtyyituD1TIhP4dIjcM7YNb0heKO46FCFVflcKd jqamu5A+W7D3i0f2dxlw5cN8J2Lpbeue/hoKT+thO+97zGjvUtqY53LOvOGcpYvD bxp3Ld2fCgCVgpalIrsvBYXbnBTgn/Mvve8dax2Ub0s95IxQkEr3SP1gr/YubSE9 EXg1PhmwnozUXsbZZV68nnQ2xfzc5CgjjojPBF8sg8BCFqXy4k5qkHi9sLdwxCis Hlcl6OyrkF+Puqjs3XZPzfSUKndL4pXiIv8H7nPgtCIsIF6BjABQGLUKOSNNtQwe ySAatdMCB1ut3NkSBh+yjIsK9QshiD9JbUhlZkLvkJhhcZp+rFac4adTN6U9svbO ehttNA2kPOW/YnYv42tk499cA+S3gHYHl7jzGnQNq2aQT/AZFg9lDJFYS0qqdLCW G0XaKDiSzsAkCa54UIyc2e+/St/b10kNXuTxKa/Q9Y9Mh9RtJUHHm0FrLPkevZJ7 MxmltI7TPqTEOCpaYFfd =cT2K -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0725",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "keynote",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.5"
},
{
"model": "keynote",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.5"
},
{
"model": "numbers",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.5"
},
{
"model": "pages",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.5"
},
{
"model": "numbers",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.5"
},
{
"model": "pages",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.5"
},
{
"model": "keynote",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "3.1 (ios 10.0 or later )"
},
{
"model": "keynote",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "7.1 (macos 10.12 or later )"
},
{
"model": "numbers",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "3.1 (ios 10.0 or later )"
},
{
"model": "numbers",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "4.1 (macos 10.12 or later )"
},
{
"model": "pages",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "3.1 (ios 10.0 or later )"
},
{
"model": "pages",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "6.1 (macos 10.12 or later )"
},
{
"model": "pages",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "6.0.5"
},
{
"model": "numbers",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "3.0.5"
},
{
"model": "keynote",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "7.0.5"
},
{
"model": "numbers",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "4.0.5"
},
{
"model": "pages",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "3.0.5"
},
{
"model": "keynote",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "3.0.5"
},
{
"model": "pages",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.6"
},
{
"model": "pages",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "pages",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "pages",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "pages",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "pages",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "pages",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "pages",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "numbers",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.6"
},
{
"model": "numbers",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.5"
},
{
"model": "keynote",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "keynote",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "keynote",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "keynote",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.5"
},
{
"model": "keynote",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0"
},
{
"model": "keynote",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.2"
},
{
"model": "keynote",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "keynote",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"model": "keynote",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "keynote",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "keynote",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "keynote",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "keynote",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "pages",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "6.1"
},
{
"model": "pages",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "numbers",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "numbers",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "keynote",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.1"
},
{
"model": "keynote",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
}
],
"sources": [
{
"db": "BID",
"id": "97126"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002415"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1278"
},
{
"db": "NVD",
"id": "CVE-2017-2391"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apple:keynote",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:numbers",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:pages",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002415"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Philipp Eckel of ThoughtWorks.",
"sources": [
{
"db": "BID",
"id": "97126"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1278"
}
],
"trust": 0.9
},
"cve": "CVE-2017-2391",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2017-2391",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-110594",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"id": "CVE-2017-2391",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2391",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-2391",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-1278",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-110594",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-2391",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110594"
},
{
"db": "VULMON",
"id": "CVE-2017-2391"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002415"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1278"
},
{
"db": "NVD",
"id": "CVE-2017-2391"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in certain Apple products. Pages before 6.1, Numbers before 4.1, and Keynote before 7.1 on macOS and Pages before 3.1, Numbers before 3.1, and Keynote before 3.1 on iOS are affected. The issue involves the \"Export\" component. It allows users to bypass iWork PDF password protection by leveraging use of 40-bit RC4. Apple iOS/Mac is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to obtain sensitive information that may lead to further attacks. Both Apple iOS and Mac are products of the American company Apple (Apple). The former is an operating system developed for mobile devices, while the latter is a computer product. Pages is one of the applications that provides word processing and page layout; Numbers is one of the electronic form applications; Keynote is one of the presentation applications. Attackers can exploit this vulnerability to disclose the content of password-protected PDFs. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2017-03-27-1 Pages 6.1, Numbers 4.1, and Keynote 7.1\nfor Mac; Pages 3.1, Numbers 3.1, and Keynote 3.1 for iOS are now\navailable and address the following:\n\nExport\nAvailable for: macOS 10.12 Sierra or later, iOS 10 or later\nImpact: The contents of password-protected PDFs exported from iWork\nmay be exposed\nDescription: iWork used weak 40-bit RC4 encryption for password-\nprotected PDF exports. \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJY2VkhAAoJEIOj74w0bLRGtMYQAMixdDDlyh/wWcT8bTLSekBU\n6CqKrmus7LmaKyaqSjpzTlh4P40fLjpiPEukBzSerLeHlSBZ2mOpGcpXcC5evRDG\nGVJe5J7DeJyfk0Asta+9sgX/YAms9VcqZS9AxAVA7LeP1yspxAej6FMyP+vnvK6c\ny4SAzxlAZLjzMORaXnn/erp9SAtyyituD1TIhP4dIjcM7YNb0heKO46FCFVflcKd\njqamu5A+W7D3i0f2dxlw5cN8J2Lpbeue/hoKT+thO+97zGjvUtqY53LOvOGcpYvD\nbxp3Ld2fCgCVgpalIrsvBYXbnBTgn/Mvve8dax2Ub0s95IxQkEr3SP1gr/YubSE9\nEXg1PhmwnozUXsbZZV68nnQ2xfzc5CgjjojPBF8sg8BCFqXy4k5qkHi9sLdwxCis\nHlcl6OyrkF+Puqjs3XZPzfSUKndL4pXiIv8H7nPgtCIsIF6BjABQGLUKOSNNtQwe\nySAatdMCB1ut3NkSBh+yjIsK9QshiD9JbUhlZkLvkJhhcZp+rFac4adTN6U9svbO\nehttNA2kPOW/YnYv42tk499cA+S3gHYHl7jzGnQNq2aQT/AZFg9lDJFYS0qqdLCW\nG0XaKDiSzsAkCa54UIyc2e+/St/b10kNXuTxKa/Q9Y9Mh9RtJUHHm0FrLPkevZJ7\nMxmltI7TPqTEOCpaYFfd\n=cT2K\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2391"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002415"
},
{
"db": "BID",
"id": "97126"
},
{
"db": "VULHUB",
"id": "VHN-110594"
},
{
"db": "VULMON",
"id": "CVE-2017-2391"
},
{
"db": "PACKETSTORM",
"id": "141993"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2391",
"trust": 3.0
},
{
"db": "BID",
"id": "97126",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1038135",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1038134",
"trust": 1.2
},
{
"db": "SECTRACK",
"id": "1038136",
"trust": 1.2
},
{
"db": "JVN",
"id": "JVNVU90482935",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002415",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1278",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "36243",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "141993",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-110594",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-2391",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110594"
},
{
"db": "VULMON",
"id": "CVE-2017-2391"
},
{
"db": "BID",
"id": "97126"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002415"
},
{
"db": "PACKETSTORM",
"id": "141993"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1278"
},
{
"db": "NVD",
"id": "CVE-2017-2391"
}
]
},
"id": "VAR-201704-0725",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-110594"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:30:07.056000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Apple security updates",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT201222"
},
{
"title": "HT207595",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT207595"
},
{
"title": "HT207595",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT207595"
},
{
"title": "Apple Pages , Numbers and Keynote for iOS and Mac Export Fixes for component security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68830"
},
{
"title": "Apple: Pages 6.1, Numbers 4.1, and Keynote 7.1 for Mac and Pages 3.1, Numbers 3.1, and Keynote 3.1 for iOS",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=567bff5986d19f178f6d7f28846c48c4"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-2391"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002415"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1278"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-326",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110594"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002415"
},
{
"db": "NVD",
"id": "CVE-2017-2391"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/97126"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht207595"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1038134"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1038135"
},
{
"trust": 1.2,
"url": "http://www.securitytracker.com/id/1038136"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2391"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2391"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90482935/index.html"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/36243"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ios/"
},
{
"trust": 0.3,
"url": "https://support.apple.com/en-us/ht207595"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/326.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht207595"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://gpgtools.org"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110594"
},
{
"db": "VULMON",
"id": "CVE-2017-2391"
},
{
"db": "BID",
"id": "97126"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002415"
},
{
"db": "PACKETSTORM",
"id": "141993"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1278"
},
{
"db": "NVD",
"id": "CVE-2017-2391"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-110594"
},
{
"db": "VULMON",
"id": "CVE-2017-2391"
},
{
"db": "BID",
"id": "97126"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002415"
},
{
"db": "PACKETSTORM",
"id": "141993"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1278"
},
{
"db": "NVD",
"id": "CVE-2017-2391"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-110594"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULMON",
"id": "CVE-2017-2391"
},
{
"date": "2017-03-27T00:00:00",
"db": "BID",
"id": "97126"
},
{
"date": "2017-04-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002415"
},
{
"date": "2017-03-27T14:44:44",
"db": "PACKETSTORM",
"id": "141993"
},
{
"date": "2017-03-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-1278"
},
{
"date": "2017-04-02T01:59:00.667000",
"db": "NVD",
"id": "CVE-2017-2391"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-12T00:00:00",
"db": "VULHUB",
"id": "VHN-110594"
},
{
"date": "2017-07-12T00:00:00",
"db": "VULMON",
"id": "CVE-2017-2391"
},
{
"date": "2017-03-29T01:02:00",
"db": "BID",
"id": "97126"
},
{
"date": "2017-04-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002415"
},
{
"date": "2017-03-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-1278"
},
{
"date": "2024-11-21T03:23:25.970000",
"db": "NVD",
"id": "CVE-2017-2391"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-1278"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Apple In the product export component iWork PDF Vulnerability that bypasses password protection",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002415"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-1278"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…