var-201709-0464
Vulnerability from variot
In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default "Bluetooth On" value must be present in Settings. A collection of Bluetooth implementation vulnerabilities known as "BlueBorne" has been released. These vulnerabilities collectively affect Windows, iOS, and Linux-kernel-based operating systems including Android and Tizen, and may in worst case allow an unauthenticated attacker to perform commands on the device. Apple iOS and tvOS are prone to a heap-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service conditions. Following products and versions are vulnerable: Apple iOS 7 through 9.3.5 Apple tvOS. The vulnerability stems from the fact that the program does not correctly verify audio commands. An attacker could exploit this vulnerability to take control of the device. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2019-5-13-5 Safari 12.1.1
Safari 12.1.1 is now available and addresses the following:
WebKit Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5 Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team
WebKit Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and included in macOS Mojave 10.14.5 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2019-6237: G. Geshev working with Trend Micro Zero Day Initiative, Liu Long of Qihoo 360 Vulcan Team CVE-2019-8571: 01 working with Trend Micro's Zero Day Initiative CVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech CVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero Day Initiative CVE-2019-8586: an anonymous researcher CVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative CVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security & Privacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab CVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero Day Initiative CVE-2019-8596: Wen Xu of SSLab at Georgia Tech CVE-2019-8597: 01 working with Trend Micro Zero Day Initiative CVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative CVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative CVE-2019-8609: Wen Xu of SSLab, Georgia Tech CVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative CVE-2019-8611: Samuel Groß of Google Project Zero CVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative CVE-2019-8619: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab CVE-2019-8622: Samuel Groß of Google Project Zero CVE-2019-8623: Samuel Groß of Google Project Zero CVE-2019-8628: Wen Xu of SSLab at Georgia Tech and Hanqing Zhao of Chaitin Security Research Lab
Additional recognition
Safari We would like to acknowledge Michael Ball of Gradescope by Turnitin for their assistance.
Installation note:
Safari 12.1.1 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlzZrUkpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3EGGBAA jan3x6GxZzcawJskOhoEVDuZTcb19c+K9Q+jHPbG6szt2ChRkpZfN2fX+fqG8q7Y Itu63uFCfhWMKRbQrwIvzBceEUsNCbgiKNrIJGtEJkmvZjp84ETTjp5WYjMGCTCI 8pe/ij5TtFwJWWXKboO3rVfxfFcfI/67g/wx05l3h2YFoC9Fm52isUkycaAi0siP M4/nTeoA5BTAuv+7J6ohw5TgcYR8NEENpaVTQcUIMLyO3E/wlRcEoHLRtHnMjR89 CGwZg1/LIF/Ae3hJmg5O9PQMIDU6u8ILi/BVK4LGZ4u3x8Qfvg7fm556J6wBEUuP YZ2Mne5Gg1ayUGw/glTbpAkP1XFymvPloyC6/41r3b46X/nExXER86RC2uNJNNe3 8doCYGznFWWbsGBAAVrWut0sS80nOyjSpoAifkkhqZEXbo8pyvjqfGVGijwzcKcd iTdzhpcYahJ1WUIAIXbxjFlHJ8muFxyKrEuqrjnXqM+EjyYP/tu8VOCl2blTOGLP vPmF6ZBHoP3Dtqk9Z+XNusJFGWo7Nm+HLzXTyQsdbnGu8EnP6ywLHBrmBVu03men Os4rHHH1zueO42iPnATC60y9jvyFt2ofnQHCkPl7FdWS8Ek9nVgIhtzaLokrSQM7 TZ10USIZOmz/2BQs133z+fA30SgDUNDyMIE47x6x3HI= =bWtO -----END PGP SIGNATURE-----
Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-0464",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "9.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "9.3.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "9.3"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "9.3.3"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "9.3.4"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "9.3.2"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "9.3.5"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "9.2"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.1.2"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "8.0"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "8.1.3"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "8.0.2"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "8.4.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.5"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "9.0"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "8.0.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.1.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.6"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "8.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "8.1.2"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.4"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "8.2"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "android open source",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blackberry",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "lenovo",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "samsung mobile",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tizen",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "7 to 9"
},
{
"model": "systemdirector enterprise",
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#240311"
},
{
"db": "BID",
"id": "100816"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007675"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-487"
},
{
"db": "NVD",
"id": "CVE-2017-14315"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:nec:systemdirector_enterprise",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007675"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "PACKETSTORM",
"id": "152848"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-487"
}
],
"trust": 0.7
},
"cve": "CVE-2017-14315",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.5,
"id": "CVE-2017-14315",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 5.5,
"id": "VHN-105025",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2017-14315",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-14315",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-14315",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-487",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-105025",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-14315",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-105025"
},
{
"db": "VULMON",
"id": "CVE-2017-14315"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007675"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-487"
},
{
"db": "NVD",
"id": "CVE-2017-14315"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default \"Bluetooth On\" value must be present in Settings. A collection of Bluetooth implementation vulnerabilities known as \"BlueBorne\" has been released. These vulnerabilities collectively affect Windows, iOS, and Linux-kernel-based operating systems including Android and Tizen, and may in worst case allow an unauthenticated attacker to perform commands on the device. Apple iOS and tvOS are prone to a heap-based buffer-overflow vulnerability. \nAn attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial of service conditions. \nFollowing products and versions are vulnerable:\nApple iOS 7 through 9.3.5\nApple tvOS. The vulnerability stems from the fact that the program does not correctly verify audio commands. An attacker could exploit this vulnerability to take control of the device. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2019-5-13-5 Safari 12.1.1\n\nSafari 12.1.1 is now available and addresses the following:\n\nWebKit\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and\nincluded in macOS Mojave 10.14.5\nImpact: Processing maliciously crafted web content may result in the\ndisclosure of process memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team\n\nWebKit\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and\nincluded in macOS Mojave 10.14.5\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2019-6237: G. Geshev working with Trend Micro Zero Day\nInitiative, Liu Long of Qihoo 360 Vulcan Team\nCVE-2019-8571: 01 working with Trend Micro\u0027s Zero Day Initiative\nCVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_)\nof Tencent Keen Lab, and dwfault working at ADLab of Venustech\nCVE-2019-8584: G. Geshev of MWR Labs working with Trend Micro Zero\nDay Initiative\nCVE-2019-8586: an anonymous researcher\nCVE-2019-8587: G. Geshev working with Trend Micro Zero Day Initiative\nCVE-2019-8594: Suyoung Lee and Sooel Son of KAIST Web Security \u0026\nPrivacy Lab and HyungSeok Han and Sang Kil Cha of KAIST SoftSec Lab\nCVE-2019-8595: G. Geshev from MWR Labs working with Trend Micro Zero\nDay Initiative\nCVE-2019-8596: Wen Xu of SSLab at Georgia Tech\nCVE-2019-8597: 01 working with Trend Micro Zero Day Initiative\nCVE-2019-8601: Fluoroacetate working with Trend Micro\u0027s Zero Day\nInitiative\nCVE-2019-8608: G. Geshev working with Trend Micro Zero Day Initiative\nCVE-2019-8609: Wen Xu of SSLab, Georgia Tech\nCVE-2019-8610: Anonymous working with Trend Micro Zero Day Initiative\nCVE-2019-8611: Samuel Gro\u00df of Google Project Zero\nCVE-2019-8615: G. Geshev from MWR Labs working with Trend Micro\u0027s\nZero Day Initiative\nCVE-2019-8619: Wen Xu of SSLab at Georgia Tech and\nHanqing Zhao of Chaitin Security Research Lab\nCVE-2019-8622: Samuel Gro\u00df of Google Project Zero\nCVE-2019-8623: Samuel Gro\u00df of Google Project Zero\nCVE-2019-8628: Wen Xu of SSLab at Georgia Tech and\nHanqing Zhao of Chaitin Security Research Lab\n\nAdditional recognition\n\nSafari\nWe would like to acknowledge Michael Ball of Gradescope by Turnitin\nfor their assistance. \n\nInstallation note:\n\nSafari 12.1.1 may be obtained from the Mac App Store. \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlzZrUkpHHByb2R1Y3Qt\nc2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3EGGBAA\njan3x6GxZzcawJskOhoEVDuZTcb19c+K9Q+jHPbG6szt2ChRkpZfN2fX+fqG8q7Y\nItu63uFCfhWMKRbQrwIvzBceEUsNCbgiKNrIJGtEJkmvZjp84ETTjp5WYjMGCTCI\n8pe/ij5TtFwJWWXKboO3rVfxfFcfI/67g/wx05l3h2YFoC9Fm52isUkycaAi0siP\nM4/nTeoA5BTAuv+7J6ohw5TgcYR8NEENpaVTQcUIMLyO3E/wlRcEoHLRtHnMjR89\nCGwZg1/LIF/Ae3hJmg5O9PQMIDU6u8ILi/BVK4LGZ4u3x8Qfvg7fm556J6wBEUuP\nYZ2Mne5Gg1ayUGw/glTbpAkP1XFymvPloyC6/41r3b46X/nExXER86RC2uNJNNe3\n8doCYGznFWWbsGBAAVrWut0sS80nOyjSpoAifkkhqZEXbo8pyvjqfGVGijwzcKcd\niTdzhpcYahJ1WUIAIXbxjFlHJ8muFxyKrEuqrjnXqM+EjyYP/tu8VOCl2blTOGLP\nvPmF6ZBHoP3Dtqk9Z+XNusJFGWo7Nm+HLzXTyQsdbnGu8EnP6ywLHBrmBVu03men\nOs4rHHH1zueO42iPnATC60y9jvyFt2ofnQHCkPl7FdWS8Ek9nVgIhtzaLokrSQM7\nTZ10USIZOmz/2BQs133z+fA30SgDUNDyMIE47x6x3HI=\n=bWtO\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nSent through the Full Disclosure mailing list\nhttps://nmap.org/mailman/listinfo/fulldisclosure\nWeb Archives \u0026 RSS: http://seclists.org/fulldisclosure/",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-14315"
},
{
"db": "CERT/CC",
"id": "VU#240311"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007675"
},
{
"db": "BID",
"id": "100816"
},
{
"db": "VULHUB",
"id": "VHN-105025"
},
{
"db": "VULMON",
"id": "CVE-2017-14315"
},
{
"db": "PACKETSTORM",
"id": "152848"
}
],
"trust": 2.88
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-105025",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-105025"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-14315",
"trust": 3.8
},
{
"db": "BID",
"id": "100816",
"trust": 2.1
},
{
"db": "CERT/CC",
"id": "VU#240311",
"trust": 2.0
},
{
"db": "LENOVO",
"id": "LEN-17125",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "152848",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU95513538",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007675",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201709-487",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.1699",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-105025",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-14315",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#240311"
},
{
"db": "VULHUB",
"id": "VHN-105025"
},
{
"db": "VULMON",
"id": "CVE-2017-14315"
},
{
"db": "BID",
"id": "100816"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007675"
},
{
"db": "PACKETSTORM",
"id": "152848"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-487"
},
{
"db": "NVD",
"id": "CVE-2017-14315"
}
]
},
"id": "VAR-201709-0464",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-105025"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T19:38:28.047000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "iOS",
"trust": 0.8,
"url": "https://www.apple.com/jp/ios/ios-11/"
},
{
"title": "NV18-001",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv18-001.html"
},
{
"title": "Apple iOS Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=74712"
},
{
"title": "blueborne",
"trust": 0.1,
"url": "https://github.com/hw5773/blueborne "
},
{
"title": "-CVE-2017-0785-BlueBorne-PoC",
"trust": 0.1,
"url": "https://github.com/Alfa100001/-CVE-2017-0785-BlueBorne-PoC "
},
{
"title": "awesome-bluetooth-security",
"trust": 0.1,
"url": "https://github.com/engn33r/awesome-bluetooth-security "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/JeffroMF/awesome-bluetooth-security321 "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/apple-patches-intel-side-channel-ios-macos/144743/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/blueborne-vulnerabilities-impact-over-5-billion-bluetooth-enabled-devices/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-14315"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007675"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-487"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-105025"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007675"
},
{
"db": "NVD",
"id": "CVE-2017-14315"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/100816"
},
{
"trust": 1.9,
"url": "https://seclists.org/bugtraq/2019/may/30"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht210121"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/may/24"
},
{
"trust": 1.8,
"url": "https://www.armis.com/blueborne"
},
{
"trust": 1.6,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8628"
},
{
"trust": 1.2,
"url": "https://www.kb.cert.org/vuls/id/240311"
},
{
"trust": 1.1,
"url": "https://www.armis.com/blueborne/#/technical"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14315"
},
{
"trust": 0.8,
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/122.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/191.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/300.html"
},
{
"trust": 0.8,
"url": "http://support.blackberry.com/kb/articledetail?articlenumber=000045807\u0026language=en_us"
},
{
"trust": 0.8,
"url": "https://support.lenovo.com/us/en/product_security/len-17125"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14315"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20170914_blueborne.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2017/at170037.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu95513538/index.html"
},
{
"trust": 0.8,
"url": "https://www.armis.com/blueborne/"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-au/ht210121"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht210121"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/152848/apple-security-advisory-2019-5-13-6.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/80846"
},
{
"trust": 0.3,
"url": "http://www.apple.com/ios/"
},
{
"trust": 0.3,
"url": "http://www.apple.com/appletv/features.html"
},
{
"trust": 0.3,
"url": "http://www.apple.com/accessibility/tvos/"
},
{
"trust": 0.3,
"url": "http://go.armis.com/hubfs/blueborne technical white paper.pdf"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/alfa100001/-cve-2017-0785-blueborne-poc"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9417"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "http://seclists.org/fulldisclosure/"
},
{
"trust": 0.1,
"url": "https://nmap.org/mailman/listinfo/fulldisclosure"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-6975"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#240311"
},
{
"db": "VULHUB",
"id": "VHN-105025"
},
{
"db": "VULMON",
"id": "CVE-2017-14315"
},
{
"db": "BID",
"id": "100816"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007675"
},
{
"db": "PACKETSTORM",
"id": "152848"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-487"
},
{
"db": "NVD",
"id": "CVE-2017-14315"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#240311"
},
{
"db": "VULHUB",
"id": "VHN-105025"
},
{
"db": "VULMON",
"id": "CVE-2017-14315"
},
{
"db": "BID",
"id": "100816"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007675"
},
{
"db": "PACKETSTORM",
"id": "152848"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-487"
},
{
"db": "NVD",
"id": "CVE-2017-14315"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "CERT/CC",
"id": "VU#240311"
},
{
"date": "2017-09-12T00:00:00",
"db": "VULHUB",
"id": "VHN-105025"
},
{
"date": "2017-09-12T00:00:00",
"db": "VULMON",
"id": "CVE-2017-14315"
},
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100816"
},
{
"date": "2017-09-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007675"
},
{
"date": "2019-05-14T00:29:32",
"db": "PACKETSTORM",
"id": "152848"
},
{
"date": "2017-09-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-487"
},
{
"date": "2017-09-12T15:29:00.190000",
"db": "NVD",
"id": "CVE-2017-14315"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-08T00:00:00",
"db": "CERT/CC",
"id": "VU#240311"
},
{
"date": "2019-05-14T00:00:00",
"db": "VULHUB",
"id": "VHN-105025"
},
{
"date": "2019-05-14T00:00:00",
"db": "VULMON",
"id": "CVE-2017-14315"
},
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100816"
},
{
"date": "2018-02-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007675"
},
{
"date": "2021-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-487"
},
{
"date": "2024-11-21T03:12:32.357000",
"db": "NVD",
"id": "CVE-2017-14315"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-487"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple Bluetooth implementation vulnerabilities affect many devices",
"sources": [
{
"db": "CERT/CC",
"id": "VU#240311"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-487"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…