var-201704-0812
Vulnerability from variot
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. iOS is a mobile operating system developed by Apple. Apple Corps first announced this system at the Macworld conference on January 9, 2007. It was originally designed for the iPhone and later applied to iPod touch, iPad, and Apple TV. tvOS is a system developed by Apple. Based on iOS, tvOS is an operating system designed for the fourth generation of Apple TV. MacOS is a set of operating systems running on Apple Macintosh computers. watchOS is a mobile operating system for the Apple Watch developed by Apple. It is based on the iOS operating system and has many similar features.
The "Kernel" component of many Apple products has a denial of service vulnerability. Apple iOS, WatchOS, macOS and tvOS are prone to a memory corruption vulnerability. Failed exploit attempts may result in a denial-of-service condition. The following versions are affected: Versions prior to Apple iOS 10.3 Versions prior to Apple watchOS 3.2 Versions prior to Apple tvOS 10.2 Versions prior to Apple macOS 10.12.4
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0812",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x",
"scope": "eq",
"trust": 1.4,
"vendor": "apple",
"version": "10.12.3"
},
{
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.12.3"
},
{
"model": "tvos",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "watchos",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.3"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.9,
"vendor": "apple",
"version": "3.1.3"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.3 (ipad first 4 after generation )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.3 (iphone 5 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.3 (ipod touch first 6 after generation )"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.2 (apple tv first 4 generation )"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "3.2 (apple watch all models )"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.6,
"vendor": "apple",
"version": "10.2"
},
{
"model": "macos",
"scope": "lt",
"trust": 0.6,
"vendor": "apple",
"version": "10.12.4"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.6,
"vendor": "apple",
"version": "10.3"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.6,
"vendor": "apple",
"version": "3.2"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.2"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.2"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "1.0"
},
{
"model": "watch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.2"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.3"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "50"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "40"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "30"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10"
},
{
"model": "watchos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "tvos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "security update yosemite",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "2017-0010"
},
{
"model": "security update el capitan",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "2017-0010"
},
{
"model": "macos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.4"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.3"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05002"
},
{
"db": "BID",
"id": "97301"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002338"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-115"
},
{
"db": "NVD",
"id": "CVE-2017-2490"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:apple_tv",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:watchos",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002338"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ian Beer of Google Project Zero, The UK\u0027s National Cyber Security Centre (NCSC).",
"sources": [
{
"db": "BID",
"id": "97301"
}
],
"trust": 0.3
},
"cve": "CVE-2017-2490",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-2490",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2017-05002",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-110693",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2017-2490",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2490",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-2490",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-05002",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-115",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-110693",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05002"
},
{
"db": "VULHUB",
"id": "VHN-110693"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002338"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-115"
},
{
"db": "NVD",
"id": "CVE-2017-2490"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. iOS is a mobile operating system developed by Apple. Apple Corps first announced this system at the Macworld conference on January 9, 2007. It was originally designed for the iPhone and later applied to iPod touch, iPad, and Apple TV. tvOS is a system developed by Apple. Based on iOS, tvOS is an operating system designed for the fourth generation of Apple TV. MacOS is a set of operating systems running on Apple Macintosh computers. watchOS is a mobile operating system for the Apple Watch developed by Apple. It is based on the iOS operating system and has many similar features. \n\nThe \"Kernel\" component of many Apple products has a denial of service vulnerability. Apple iOS, WatchOS, macOS and tvOS are prone to a memory corruption vulnerability. Failed exploit attempts may result in a denial-of-service condition. \nThe following versions are affected:\nVersions prior to Apple iOS 10.3\nVersions prior to Apple watchOS 3.2\nVersions prior to Apple tvOS 10.2\nVersions prior to Apple macOS 10.12.4",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2490"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002338"
},
{
"db": "CNVD",
"id": "CNVD-2017-05002"
},
{
"db": "BID",
"id": "97301"
},
{
"db": "VULHUB",
"id": "VHN-110693"
}
],
"trust": 2.52
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-110693",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110693"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-2490",
"trust": 3.4
},
{
"db": "BID",
"id": "97301",
"trust": 2.6
},
{
"db": "EXPLOIT-DB",
"id": "41804",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU90482935",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002338",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-115",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-05002",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "141983",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-92884",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-110693",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05002"
},
{
"db": "VULHUB",
"id": "VHN-110693"
},
{
"db": "BID",
"id": "97301"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002338"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-115"
},
{
"db": "NVD",
"id": "CVE-2017-2490"
}
]
},
"id": "VAR-201704-0812",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-110693"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:29:47.044000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Apple security updates",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT201222"
},
{
"title": "HT207615",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT207615"
},
{
"title": "HT207617",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT207617"
},
{
"title": "HT207601",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT207601"
},
{
"title": "HT207602",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT207602"
},
{
"title": "HT207601",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT207601"
},
{
"title": "HT207602",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT207602"
},
{
"title": "HT207615",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT207615"
},
{
"title": "HT207617",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT207617"
},
{
"title": "Patch for Apple iOS / tvOS / macOS / watchOS Denial of Service Vulnerability (CNVD-2017-05002)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/92264"
},
{
"title": "Multiple Apple product Kernel Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=69008"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05002"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002338"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-115"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-110693"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002338"
},
{
"db": "NVD",
"id": "CVE-2017-2490"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/97301"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht207601"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht207602"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht207615"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht207617"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/41804/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2490"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2490"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90482935/index.html"
},
{
"trust": 0.3,
"url": "https://www.apple.com/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ios/"
},
{
"trust": 0.3,
"url": "https://www.apple.com/osx/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/accessibility/tvos/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/watchos-2/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-05002"
},
{
"db": "VULHUB",
"id": "VHN-110693"
},
{
"db": "BID",
"id": "97301"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002338"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-115"
},
{
"db": "NVD",
"id": "CVE-2017-2490"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-05002"
},
{
"db": "VULHUB",
"id": "VHN-110693"
},
{
"db": "BID",
"id": "97301"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-002338"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-115"
},
{
"db": "NVD",
"id": "CVE-2017-2490"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-05002"
},
{
"date": "2017-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-110693"
},
{
"date": "2017-04-01T00:00:00",
"db": "BID",
"id": "97301"
},
{
"date": "2017-04-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002338"
},
{
"date": "2017-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-115"
},
{
"date": "2017-04-02T01:59:04.077000",
"db": "NVD",
"id": "CVE-2017-2490"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-05002"
},
{
"date": "2019-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-110693"
},
{
"date": "2017-04-04T00:03:00",
"db": "BID",
"id": "97301"
},
{
"date": "2017-04-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-002338"
},
{
"date": "2019-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-115"
},
{
"date": "2024-11-21T03:23:37.923000",
"db": "NVD",
"id": "CVE-2017-2490"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-115"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Apple Vulnerability in the kernel component of a product that allows arbitrary code execution in privileged contexts",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-002338"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-115"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.