var-201704-0798
Vulnerability from variot
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted use of frames on a web site. Apple iOS , Safari ,and tvOS Used in etc. WebKit is prone to multiple security vulnerabilities. Attackers can exploit these issues to obtain sensitive information, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or execute arbitrary code and perform unauthorized actions; Failed exploit attempts will result in denial-of-service conditions. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. The following products and versions are affected: Apple iOS prior to 10.3; Safari prior to 10.1; tvOS prior to 10.2.
Gentoo Linux Security Advisory GLSA 201706-15
https://security.gentoo.org/
Severity: Normal Title: WebKitGTK+: Multiple vulnerabilities Date: June 07, 2017 Bugs: #543650, #573656, #577068, #608958, #614876, #619788 ID: 201706-15
Synopsis
Multiple vulnerabilities have been found in WebKitGTK+, the worst of which allows remote attackers to execute arbitrary code.
Background
WebKitGTK+ is a full-featured port of the WebKit rendering engine.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.16.3 >= 2.16.3
Description
Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details.
Impact
A remote attack can use multiple vectors to execute arbitrary code or cause a denial of service condition.
Workaround
There is no known workaround at this time.
Resolution
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.16.3:4"
References
[ 1 ] CVE-2015-2330 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2330 [ 2 ] CVE-2015-7096 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7096 [ 3 ] CVE-2015-7098 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7098 [ 4 ] CVE-2016-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1723 [ 5 ] CVE-2016-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1724 [ 6 ] CVE-2016-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1725 [ 7 ] CVE-2016-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1726 [ 8 ] CVE-2016-1727 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1727 [ 9 ] CVE-2016-1728 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1728 [ 10 ] CVE-2016-4692 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4692 [ 11 ] CVE-2016-4743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4743 [ 12 ] CVE-2016-7586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7586 [ 13 ] CVE-2016-7587 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7587 [ 14 ] CVE-2016-7589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7589 [ 15 ] CVE-2016-7592 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7592 [ 16 ] CVE-2016-7598 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7598 [ 17 ] CVE-2016-7599 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7599 [ 18 ] CVE-2016-7610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7610 [ 19 ] CVE-2016-7611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7611 [ 20 ] CVE-2016-7623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7623 [ 21 ] CVE-2016-7632 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7632 [ 22 ] CVE-2016-7635 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7635 [ 23 ] CVE-2016-7639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7639 [ 24 ] CVE-2016-7640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7640 [ 25 ] CVE-2016-7641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7641 [ 26 ] CVE-2016-7642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7642 [ 27 ] CVE-2016-7645 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7645 [ 28 ] CVE-2016-7646 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7646 [ 29 ] CVE-2016-7648 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7648 [ 30 ] CVE-2016-7649 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7649 [ 31 ] CVE-2016-7652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7652 [ 32 ] CVE-2016-7654 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7654 [ 33 ] CVE-2016-7656 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7656 [ 34 ] CVE-2016-9642 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9642 [ 35 ] CVE-2016-9643 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9643 [ 36 ] CVE-2017-2350 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2350 [ 37 ] CVE-2017-2354 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2354 [ 38 ] CVE-2017-2355 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2355 [ 39 ] CVE-2017-2356 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2356 [ 40 ] CVE-2017-2362 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2362 [ 41 ] CVE-2017-2363 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2363 [ 42 ] CVE-2017-2364 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2364 [ 43 ] CVE-2017-2365 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2365 [ 44 ] CVE-2017-2366 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2366 [ 45 ] CVE-2017-2367 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2367 [ 46 ] CVE-2017-2369 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2369 [ 47 ] CVE-2017-2371 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2371 [ 48 ] CVE-2017-2373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2373 [ 49 ] CVE-2017-2376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2376 [ 50 ] CVE-2017-2377 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2377 [ 51 ] CVE-2017-2386 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2386 [ 52 ] CVE-2017-2392 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2392 [ 53 ] CVE-2017-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2394 [ 54 ] CVE-2017-2395 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2395 [ 55 ] CVE-2017-2396 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2396 [ 56 ] CVE-2017-2405 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2405 [ 57 ] CVE-2017-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2415 [ 58 ] CVE-2017-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2419 [ 59 ] CVE-2017-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2433 [ 60 ] CVE-2017-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2442 [ 61 ] CVE-2017-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2445 [ 62 ] CVE-2017-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2446 [ 63 ] CVE-2017-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2447 [ 64 ] CVE-2017-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2454 [ 65 ] CVE-2017-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2455 [ 66 ] CVE-2017-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2457 [ 67 ] CVE-2017-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2459 [ 68 ] CVE-2017-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2460 [ 69 ] CVE-2017-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2464 [ 70 ] CVE-2017-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2465 [ 71 ] CVE-2017-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2466 [ 72 ] CVE-2017-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2468 [ 73 ] CVE-2017-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2469 [ 74 ] CVE-2017-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2470 [ 75 ] CVE-2017-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2471 [ 76 ] CVE-2017-2475 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2475 [ 77 ] CVE-2017-2476 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2476 [ 78 ] CVE-2017-2481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2481 [ 79 ] CVE-2017-2496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2496 [ 80 ] CVE-2017-2504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2504 [ 81 ] CVE-2017-2505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2505 [ 82 ] CVE-2017-2506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2506 [ 83 ] CVE-2017-2508 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2508 [ 84 ] CVE-2017-2510 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2510 [ 85 ] CVE-2017-2514 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2514 [ 86 ] CVE-2017-2515 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2515 [ 87 ] CVE-2017-2521 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2521 [ 88 ] CVE-2017-2525 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2525 [ 89 ] CVE-2017-2526 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2526 [ 90 ] CVE-2017-2528 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2528 [ 91 ] CVE-2017-2530 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2530 [ 92 ] CVE-2017-2531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2531 [ 93 ] CVE-2017-2536 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2536 [ 94 ] CVE-2017-2539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2539 [ 95 ] CVE-2017-2544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2544 [ 96 ] CVE-2017-2547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2547 [ 97 ] CVE-2017-2549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2549 [ 98 ] CVE-2017-6980 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6980 [ 99 ] CVE-2017-6984 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6984
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201706-15
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--NcNxMnppmhackEL27c23XhPLDAAQ7GQcq--
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201704-0798", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "tvos", scope: "lt", trust: 1, vendor: "apple", version: "10.2", }, { model: "iphone os", scope: "lt", trust: 1, vendor: "apple", version: "10.3", }, { model: "safari", scope: "lt", trust: 1, vendor: "apple", version: "10.1", }, { model: "safari", scope: "eq", trust: 0.9, vendor: "apple", version: "10.0.3", }, { model: "ios", scope: "lt", trust: 0.8, vendor: "apple", version: "10.3 (ipad first 4 after generation )", }, { model: "ios", scope: "lt", trust: 0.8, vendor: "apple", version: "10.3 (iphone 5 or later )", }, { model: "ios", scope: "lt", trust: 0.8, vendor: "apple", version: "10.3 (ipod touch first 6 after generation )", }, { model: "safari", scope: "lt", trust: 0.8, vendor: "apple", version: "10.1 (macos sierra 10.12.4)", }, { model: "safari", scope: "lt", trust: 0.8, vendor: "apple", version: "10.1 (os x el capitan v10.11.6)", }, { model: "safari", scope: "lt", trust: 0.8, vendor: "apple", version: "10.1 (os x yosemite v10.10.5)", }, { model: "tvos", scope: "lt", trust: 0.8, vendor: "apple", version: "10.2 (apple tv first 4 generation )", }, { model: "tv", scope: "eq", trust: 0.6, vendor: "apple", version: "10.1.1", }, { model: "iphone os", scope: "eq", trust: 0.6, vendor: "apple", version: "10.2.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "30", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1.6", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "8", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.2", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "7", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.1", }, { model: "tvos", scope: "eq", trust: 0.3, vendor: "apple", version: "10.0.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2.8", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "8.0.4", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "1.0", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "1.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "8.0.7", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.5", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "9.0.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.1.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "4.1.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1.8", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "4.31", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "1.2.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "4.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1.4", }, { model: "tvos", scope: "eq", trust: 0.3, vendor: "apple", version: "10.1.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "8.2", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0.1", }, { model: "safari", scope: "ne", trust: 0.3, vendor: "apple", version: "10.1", }, { model: "open source project webkit", scope: "eq", trust: 0.3, vendor: "webkit", version: "0", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "8.0.2", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "8.4", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "8.1.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "4.1.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.2", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "10.0.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0.3", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "8.1.3", }, { model: "tvos", scope: "eq", trust: 0.3, vendor: "apple", version: "9.2.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.2.6", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.1.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "9.1.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "8.0.5", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "9", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.6", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0.4", }, { model: "macos", scope: "eq", trust: 0.3, vendor: "apple", version: "10.12.4", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.1.5", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2.10", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "2.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0.4", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.2.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0", }, { model: "tvos", scope: "eq", trust: 0.3, vendor: "apple", version: "9.1.1", }, { model: "ios", scope: "ne", trust: 0.3, vendor: "apple", version: "10.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0.3", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "3.0", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "9.1.1", }, { model: "ipod touch", scope: "eq", trust: 0.3, vendor: "apple", version: "0", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "9.3.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "40", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.3", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "9.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "9.0.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.6", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.7", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0.4", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "10.2.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "6.1.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "9.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.11.6", }, { model: "linux", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "16.10", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.2", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0.4", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0.6", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.5", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "9", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.2", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1", }, { model: "tvos", scope: "eq", trust: 0.3, vendor: "apple", version: "10", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.1.4", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "8.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0.5", }, { model: "tvos", scope: "ne", trust: 0.3, vendor: "apple", version: "10.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "2.0.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "10", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "9.0.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.2.5", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0.5", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.34", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.2.4", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "8.4.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "9.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.2.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "9.0.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1", }, { model: "tv", scope: "eq", trust: 0.3, vendor: "apple", version: "0", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "6.3.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0.6", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "50", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "5", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2.9", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "10.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "2.0", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1.2", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "7.2", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "10.2", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "6.1.4", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0.5", }, { model: "linux", scope: null, trust: 0.3, vendor: "gentoo", version: null, }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "8.0.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "9.2.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "2.0.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "10", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "2.0.4", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "8.0.8", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "1.1", }, { model: "tvos", scope: "eq", trust: 0.3, vendor: "apple", version: "9.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "3.52", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0.1", }, { model: "iphone", scope: "eq", trust: 0.3, vendor: "apple", version: "0", }, { model: "tvos", scope: "eq", trust: 0.3, vendor: "apple", version: "10.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "9.3.4", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.31", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "4.28", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0.5", }, { model: "tvos", scope: "eq", trust: 0.3, vendor: "apple", version: "9.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1.5", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "9.3.5", }, { model: "tvos", scope: "eq", trust: 0.3, vendor: "apple", version: "9.2.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "1.3.2", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "6", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "4.1.3", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "8.1.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "2.0.3", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2.7", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "1.2.2", }, { model: "linux lts", scope: "eq", trust: 0.3, vendor: "ubuntu", version: "16.04", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.1.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.2.7", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.1.6", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "10.0.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "1.2.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.33", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.4", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.2.8", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "9.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "4.30", }, { model: "ipad", scope: "eq", trust: 0.3, vendor: "apple", version: "0", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.10", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "9.3.3", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "6.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "8.0", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1.7", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "8.0.6", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "6.1.6", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.4", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "9.1.2", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "10.0.1", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.1.5", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "4", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "1.2", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "8.0.3", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "1.3.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "9.3.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "9.0.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.1", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2.5", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "8.3", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "6.2.2", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0.2", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0.4", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2.6", }, { model: "safari", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0.2", }, { model: "tvos", scope: "eq", trust: 0.3, vendor: "apple", version: "9.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.10.5", }, { model: "ios", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0.1", }, ], sources: [ { db: "BID", id: "97130", }, { db: "JVNDB", id: "JVNDB-2017-002334", }, { db: "CNNVD", id: "CNNVD-201704-106", }, { db: "NVD", id: "CVE-2017-2475", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:apple:iphone_os", vulnerable: true, }, { cpe22Uri: "cpe:/a:apple:safari", vulnerable: true, }, { cpe22Uri: "cpe:/o:apple:apple_tv", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2017-002334", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "lokihardt of Google Project Zero, Andr&eacute; Bargull, Apple, Ivan Fratric of Google Project Zero, Natalie Silvanovich of Google Project Zero, Jeonghoon Shin, Zheng Huang and Wei Yuan of Baidu Security Lab, 0011 working with Trend Micro's Zero Day Ini", sources: [ { db: "BID", id: "97130", }, ], trust: 0.3, }, cve: "CVE-2017-2475", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CVE-2017-2475", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "VHN-110678", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2017-2475", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 1.8, userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2017-2475", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2017-2475", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-201704-106", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-110678", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2017-2475", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-110678", }, { db: "VULMON", id: "CVE-2017-2475", }, { db: "JVNDB", id: "JVNDB-2017-002334", }, { db: "CNNVD", id: "CNNVD-201704-106", }, { db: "NVD", id: "CVE-2017-2475", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via crafted use of frames on a web site. Apple iOS , Safari ,and tvOS Used in etc. WebKit is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to obtain sensitive information, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site or execute arbitrary code and perform unauthorized actions; Failed exploit attempts will result in denial-of-service conditions. in the United States. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems; tvOS is a smart TV operating system. WebKit is an open source web browser engine developed by the KDE community and is currently used by browsers such as Apple Safari and Google Chrome. The following products and versions are affected: Apple iOS prior to 10.3; Safari prior to 10.1; tvOS prior to 10.2. \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201706-15\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: WebKitGTK+: Multiple vulnerabilities\n Date: June 07, 2017\n Bugs: #543650, #573656, #577068, #608958, #614876, #619788\n ID: 201706-15\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in WebKitGTK+, the worst of\nwhich allows remote attackers to execute arbitrary code. \n\nBackground\n==========\n\nWebKitGTK+ is a full-featured port of the WebKit rendering engine. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-libs/webkit-gtk < 2.16.3 >= 2.16.3\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in WebKitGTK+. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n======\n\nA remote attack can use multiple vectors to execute arbitrary code or\ncause a denial of service condition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll WebKitGTK+ users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-libs/webkit-gtk-2.16.3:4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2015-2330\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2330\n[ 2 ] CVE-2015-7096\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7096\n[ 3 ] CVE-2015-7098\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7098\n[ 4 ] CVE-2016-1723\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1723\n[ 5 ] CVE-2016-1724\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1724\n[ 6 ] CVE-2016-1725\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1725\n[ 7 ] CVE-2016-1726\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1726\n[ 8 ] CVE-2016-1727\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1727\n[ 9 ] CVE-2016-1728\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1728\n[ 10 ] CVE-2016-4692\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4692\n[ 11 ] CVE-2016-4743\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4743\n[ 12 ] CVE-2016-7586\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7586\n[ 13 ] CVE-2016-7587\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7587\n[ 14 ] CVE-2016-7589\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7589\n[ 15 ] CVE-2016-7592\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7592\n[ 16 ] CVE-2016-7598\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7598\n[ 17 ] CVE-2016-7599\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7599\n[ 18 ] CVE-2016-7610\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7610\n[ 19 ] CVE-2016-7611\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7611\n[ 20 ] CVE-2016-7623\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7623\n[ 21 ] CVE-2016-7632\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7632\n[ 22 ] CVE-2016-7635\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7635\n[ 23 ] CVE-2016-7639\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7639\n[ 24 ] CVE-2016-7640\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7640\n[ 25 ] CVE-2016-7641\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7641\n[ 26 ] CVE-2016-7642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7642\n[ 27 ] CVE-2016-7645\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7645\n[ 28 ] CVE-2016-7646\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7646\n[ 29 ] CVE-2016-7648\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7648\n[ 30 ] CVE-2016-7649\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7649\n[ 31 ] CVE-2016-7652\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7652\n[ 32 ] CVE-2016-7654\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7654\n[ 33 ] CVE-2016-7656\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7656\n[ 34 ] CVE-2016-9642\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9642\n[ 35 ] CVE-2016-9643\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9643\n[ 36 ] CVE-2017-2350\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2350\n[ 37 ] CVE-2017-2354\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2354\n[ 38 ] CVE-2017-2355\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2355\n[ 39 ] CVE-2017-2356\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2356\n[ 40 ] CVE-2017-2362\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2362\n[ 41 ] CVE-2017-2363\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2363\n[ 42 ] CVE-2017-2364\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2364\n[ 43 ] CVE-2017-2365\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2365\n[ 44 ] CVE-2017-2366\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2366\n[ 45 ] CVE-2017-2367\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2367\n[ 46 ] CVE-2017-2369\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2369\n[ 47 ] CVE-2017-2371\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2371\n[ 48 ] CVE-2017-2373\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2373\n[ 49 ] CVE-2017-2376\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2376\n[ 50 ] CVE-2017-2377\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2377\n[ 51 ] CVE-2017-2386\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2386\n[ 52 ] CVE-2017-2392\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2392\n[ 53 ] CVE-2017-2394\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2394\n[ 54 ] CVE-2017-2395\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2395\n[ 55 ] CVE-2017-2396\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2396\n[ 56 ] CVE-2017-2405\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2405\n[ 57 ] CVE-2017-2415\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2415\n[ 58 ] CVE-2017-2419\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2419\n[ 59 ] CVE-2017-2433\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2433\n[ 60 ] CVE-2017-2442\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2442\n[ 61 ] CVE-2017-2445\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2445\n[ 62 ] CVE-2017-2446\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2446\n[ 63 ] CVE-2017-2447\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2447\n[ 64 ] CVE-2017-2454\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2454\n[ 65 ] CVE-2017-2455\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2455\n[ 66 ] CVE-2017-2457\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2457\n[ 67 ] CVE-2017-2459\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2459\n[ 68 ] CVE-2017-2460\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2460\n[ 69 ] CVE-2017-2464\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2464\n[ 70 ] CVE-2017-2465\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2465\n[ 71 ] CVE-2017-2466\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2466\n[ 72 ] CVE-2017-2468\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2468\n[ 73 ] CVE-2017-2469\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2469\n[ 74 ] CVE-2017-2470\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2470\n[ 75 ] CVE-2017-2471\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2471\n[ 76 ] CVE-2017-2475\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2475\n[ 77 ] CVE-2017-2476\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2476\n[ 78 ] CVE-2017-2481\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2481\n[ 79 ] CVE-2017-2496\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2496\n[ 80 ] CVE-2017-2504\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2504\n[ 81 ] CVE-2017-2505\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2505\n[ 82 ] CVE-2017-2506\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2506\n[ 83 ] CVE-2017-2508\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2508\n[ 84 ] CVE-2017-2510\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2510\n[ 85 ] CVE-2017-2514\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2514\n[ 86 ] CVE-2017-2515\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2515\n[ 87 ] CVE-2017-2521\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2521\n[ 88 ] CVE-2017-2525\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2525\n[ 89 ] CVE-2017-2526\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2526\n[ 90 ] CVE-2017-2528\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2528\n[ 91 ] CVE-2017-2530\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2530\n[ 92 ] CVE-2017-2531\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2531\n[ 93 ] CVE-2017-2536\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2536\n[ 94 ] CVE-2017-2539\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2539\n[ 95 ] CVE-2017-2544\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2544\n[ 96 ] CVE-2017-2547\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2547\n[ 97 ] CVE-2017-2549\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-2549\n[ 98 ] CVE-2017-6980\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6980\n[ 99 ] CVE-2017-6984\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6984\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201706-15\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users' machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2017 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n--NcNxMnppmhackEL27c23XhPLDAAQ7GQcq--\n\n", sources: [ { db: "NVD", id: "CVE-2017-2475", }, { db: "JVNDB", id: "JVNDB-2017-002334", }, { db: "BID", id: "97130", }, { db: "VULHUB", id: "VHN-110678", }, { db: "VULMON", id: "CVE-2017-2475", }, { db: "PACKETSTORM", id: "142825", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2017-2475", trust: 3, }, { db: "BID", id: "97130", trust: 2.1, }, { db: "SECTRACK", id: "1038137", trust: 1.8, }, { db: "JVN", id: "JVNVU90482935", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2017-002334", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201704-106", trust: 0.7, }, { db: "VULHUB", id: "VHN-110678", trust: 0.1, }, { db: "VULMON", id: "CVE-2017-2475", trust: 0.1, }, { db: "PACKETSTORM", id: "142825", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-110678", }, { db: "VULMON", id: "CVE-2017-2475", }, { db: "BID", id: "97130", }, { db: "JVNDB", id: "JVNDB-2017-002334", }, { db: "PACKETSTORM", id: "142825", }, { db: "CNNVD", id: "CNNVD-201704-106", }, { db: "NVD", id: "CVE-2017-2475", }, ], }, id: "VAR-201704-0798", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-110678", }, ], trust: 0.01, }, last_update_date: "2024-11-23T19:54:23.165000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Apple security updates", trust: 0.8, url: "https://support.apple.com/en-us/HT201222", }, { title: "HT207617", trust: 0.8, url: "https://support.apple.com/en-us/HT207617", }, { title: "HT207600", trust: 0.8, url: "https://support.apple.com/en-us/HT207600", }, { title: "HT207601", trust: 0.8, url: "https://support.apple.com/en-us/HT207601", }, { title: "HT207600", trust: 0.8, url: "https://support.apple.com/ja-jp/HT207600", }, { title: "HT207601", trust: 0.8, url: "https://support.apple.com/ja-jp/HT207601", }, { title: "HT207617", trust: 0.8, url: "https://support.apple.com/ja-jp/HT207617", }, { title: "Multiple Apple product WebKit Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68999", }, { title: "Arch Linux Issues: ", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2017-2475", }, { title: "Apple: tvOS 10.2", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=96152d4695ab80cff7cf110b4458ab10", }, { title: "Apple: Safari 10.1", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=5c4ba20f7a3a0bac6dc3db074ec0daa4", }, { title: "Ubuntu Security Notice: webkit2gtk vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3257-1", }, { title: "Apple: iOS 10.3", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=e3eec66a6152b7f2dac0fe21bb8ee9cd", }, { title: "Arch Linux Advisories: [ASA-201704-9] webkit2gtk: multiple issues", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201704-9", }, { title: "uxss-db", trust: 0.1, url: "https://github.com/Metnew/uxss-db ", }, { title: "tensorflow", trust: 0.1, url: "https://github.com/elmasryelec/tensorflow ", }, { title: "uxss-db", trust: 0.1, url: "https://github.com/0xR0/uxss-db ", }, { title: "Exp101tsArchiv30thers", trust: 0.1, url: "https://github.com/nu11secur1ty/Exp101tsArchiv30thers ", }, { title: "awesome-cve-poc_qazbnm456", trust: 0.1, url: "https://github.com/xbl3/awesome-cve-poc_qazbnm456 ", }, ], sources: [ { db: "VULMON", id: "CVE-2017-2475", }, { db: "JVNDB", id: "JVNDB-2017-002334", }, { db: "CNNVD", id: "CNNVD-201704-106", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-110678", }, { db: "JVNDB", id: "JVNDB-2017-002334", }, { db: "NVD", id: "CVE-2017-2475", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.9, url: "http://www.securityfocus.com/bid/97130", }, { trust: 1.9, url: "https://security.gentoo.org/glsa/201706-15", }, { trust: 1.8, url: "https://support.apple.com/ht207600", }, { trust: 1.8, url: "https://support.apple.com/ht207601", }, { trust: 1.8, url: "https://support.apple.com/ht207617", }, { trust: 1.8, url: "http://www.securitytracker.com/id/1038137", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2475", }, { trust: 0.8, url: "http://jvn.jp/vu/jvnvu90482935/index.html", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2017-2475", }, { trust: 0.3, url: "https://www.apple.com/", }, { trust: 0.3, url: "http://www.apple.com/ios/", }, { trust: 0.3, url: "https://www.apple.com/osx/", }, { trust: 0.3, url: "http://www.apple.com/safari/download/", }, { trust: 0.3, url: "http://www.webkit.org/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/79.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://security.archlinux.org/cve-2017-2475", }, { trust: 0.1, url: "https://support.apple.com/kb/ht207601", }, { trust: 0.1, url: "https://usn.ubuntu.com/3257-1/", }, { trust: 0.1, url: "https://tools.cisco.com/security/center/viewalert.x?alertid=53194", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7096", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2394", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7652", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2363", }, { trust: 0.1, url: "https://security.gentoo.org/", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2457", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2386", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7587", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2350", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2366", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7589", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2466", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2475", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7586", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7654", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2442", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7646", }, { trust: 0.1, url: "http://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7586", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7641", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2367", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-1724", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7599", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2373", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2530", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2459", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7611", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7598", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7611", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2465", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-6980", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-1725", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1727", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2454", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2455", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-1727", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7656", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2544", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2354", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-9643", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4692", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2447", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2377", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2464", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7632", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-1728", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2470", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7648", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2365", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2506", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7646", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1728", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7589", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7587", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2549", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2471", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2526", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7639", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1726", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-4743", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7598", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2514", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2515", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2521", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7641", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2539", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2369", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7632", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7640", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1724", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2460", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2371", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7623", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2419", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2481", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7635", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7645", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2364", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2469", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7096", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7642", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1725", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2468", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7645", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2505", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2510", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-1723", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7610", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-6984", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7610", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2330", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-4692", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2547", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7098", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2476", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2376", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7640", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1723", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2405", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2395", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7639", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2362", }, { trust: 0.1, url: "https://bugs.gentoo.org.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7599", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2396", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7649", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2525", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2433", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7098", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-9642", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2445", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2356", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7623", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2504", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2508", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2531", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2528", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4743", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7635", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2496", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7642", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-1726", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2392", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2446", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2355", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-7592", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2536", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-2330", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-7592", }, { trust: 0.1, url: "http://nvd.nist.gov/nvd.cfm?cvename=cve-2017-2415", }, ], sources: [ { db: "VULHUB", id: "VHN-110678", }, { db: "VULMON", id: "CVE-2017-2475", }, { db: "BID", id: "97130", }, { db: "JVNDB", id: "JVNDB-2017-002334", }, { db: "PACKETSTORM", id: "142825", }, { db: "CNNVD", id: "CNNVD-201704-106", }, { db: "NVD", id: "CVE-2017-2475", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-110678", }, { db: "VULMON", id: "CVE-2017-2475", }, { db: "BID", id: "97130", }, { db: "JVNDB", id: "JVNDB-2017-002334", }, { db: "PACKETSTORM", id: "142825", }, { db: "CNNVD", id: "CNNVD-201704-106", }, { db: "NVD", id: "CVE-2017-2475", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2017-04-02T00:00:00", db: "VULHUB", id: "VHN-110678", }, { date: "2017-04-02T00:00:00", db: "VULMON", id: "CVE-2017-2475", }, { date: "2017-03-27T00:00:00", db: "BID", id: "97130", }, { date: "2017-04-12T00:00:00", db: "JVNDB", id: "JVNDB-2017-002334", }, { date: "2017-06-07T14:18:30", db: "PACKETSTORM", id: "142825", }, { date: "2017-04-06T00:00:00", db: "CNNVD", id: "CNNVD-201704-106", }, { date: "2017-04-02T01:59:03.543000", db: "NVD", id: "CVE-2017-2475", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-03-25T00:00:00", db: "VULHUB", id: "VHN-110678", }, { date: "2019-03-25T00:00:00", db: "VULMON", id: "CVE-2017-2475", }, { date: "2017-06-08T08:02:00", db: "BID", id: "97130", }, { date: "2017-04-12T00:00:00", db: "JVNDB", id: "JVNDB-2017-002334", }, { date: "2019-03-13T00:00:00", db: "CNNVD", id: "CNNVD-201704-106", }, { date: "2024-11-21T03:23:36.083000", db: "NVD", id: "CVE-2017-2475", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "142825", }, { db: "CNNVD", id: "CNNVD-201704-106", }, ], trust: 0.7, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Apple Used in products WebKit Vulnerable to universal cross-site scripting", sources: [ { db: "JVNDB", id: "JVNDB-2017-002334", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-201704-106", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.