var-201711-0478
Vulnerability from variot
An issue was discovered in certain Apple products. Safari before 11.0.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site. Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with Mac OS X and iOS operating systems. A security vulnerability exists in Safari components in versions of Apple Safari prior to 11.0.1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2017-10-31-5 Safari 11.1
Safari 11.1 is now available and addresses the following:
Safari Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13 Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2017-13789: xisigr of Tencent's Xuanwu Lab (tencent.com) CVE-2017-13790: Zhiyang Zeng (@Wester) of Tencent Security Platform Department
WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-13785: Ivan Fratric of Google Project Zero CVE-2017-13784: Ivan Fratric of Google Project Zero CVE-2017-13783: Ivan Fratric of Google Project Zero CVE-2017-13788: xisigr of Tencent's Xuanwu Lab (tencent.com) CVE-2017-13798: Ivan Fratric of Google Project Zero CVE-2017-13795: Ivan Fratric of Google Project Zero CVE-2017-13802: Ivan Fratric of Google Project Zero CVE-2017-13792: Ivan Fratric of Google Project Zero CVE-2017-13794: Ivan Fratric of Google Project Zero CVE-2017-13791: Ivan Fratric of Google Project Zero CVE-2017-13796: Ivan Fratric of Google Project Zero CVE-2017-13793: Hanul Choi working with Trend Micro's Zero Day Initiative CVE-2017-13803: chenqin (ee|) of Ant-financial Light-Year Security
Installation note:
Safari 11.1 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAln4u8ApHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEY+1g// W98M5GMrH1S9J4VcAabTBLiq6evw7NUgpxmF2Qq8X9qaQz5MjUGJB2Ix5qOp9DXV 4YiUMyhj0T62SQa+i9AJTUUc5uwroA605wQUM3FsvYOYB1TUByTAw9fKc/tNCZtO W61vSO7BDQj3Xe/yqk22sqGcuWR2AvFoF6M/uTz2ZEunAhTafybLLTjA3GSW9LzR h1gW88AleBxDiQD7wYJFL5z6PH6h3602sptiPc0tI311hufe0Gee+eVEXuuxmzrM PNQgfuXJ8v0GdRtOxJMZgICBqDQ7OveNZGjTc7pSiX20+gzwG8HWVG4qkg8nTnAE I+4+9mFZhO0UEcpts9pr9TBgqFxREHsqOORKC3WfEBBNI1R6deUNKjGoldrF3ES9 syuDV8cJuOlTsoohkpumJYcZ622CLI5VCSDN3pEXygGiy8CGjHzbAPRcCZ6sGs3f LWVfMfZRYA+7vk5CxhEzZz8mI+P+W8LkUqbSBiXAfPAzUjwmUdLaX89JFCy0vqjD +CI0PF6OJfQNoEM/gWffm2ZmE1N7B4xXvVAzfIvyCAfKfZ3OM0edK5sNi9WAuBoa kTwMP/AKEaBniV8DeaD8PJiEhRU3PTPgTRSR9XZSLX5mxdgl9zXnBM92Nu75BS1e SfA+ulWYKFufKAnQIPL9CyRSI4kfLy3JvXryMw6DHcU= =rc1A -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-0478",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safari",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "11.0"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.0.1 (macos high sierra 10.13)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.0.1 (macos sierra 10.12.6)"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "11.0.1 (os x el capitan 10.11.6)"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "11.0"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010334"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-099"
},
{
"db": "NVD",
"id": "CVE-2017-13790"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010334"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "PACKETSTORM",
"id": "144861"
}
],
"trust": 0.1
},
"cve": "CVE-2017-13790",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-13790",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-104448",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2017-13790",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-13790",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-13790",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-099",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-104448",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104448"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010334"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-099"
},
{
"db": "NVD",
"id": "CVE-2017-13790"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in certain Apple products. Safari before 11.0.1 is affected. The issue involves the \"Safari\" component. It allows remote attackers to spoof the address bar via a crafted web site. Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with Mac OS X and iOS operating systems. A security vulnerability exists in Safari components in versions of Apple Safari prior to 11.0.1. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2017-10-31-5 Safari 11.1\n\nSafari 11.1 is now available and addresses the following:\n\nSafari\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and\nmacOS High Sierra 10.13\nImpact: Visiting a malicious website may lead to address bar spoofing\nDescription: An inconsistent user interface issue was addressed with\nimproved state management. \nCVE-2017-13789: xisigr of Tencent\u0027s Xuanwu Lab (tencent.com)\nCVE-2017-13790: Zhiyang Zeng (@Wester) of Tencent Security Platform\nDepartment\n\nWebKit\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and\nmacOS High Sierra 10.13\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2017-13785: Ivan Fratric of Google Project Zero\nCVE-2017-13784: Ivan Fratric of Google Project Zero\nCVE-2017-13783: Ivan Fratric of Google Project Zero\nCVE-2017-13788: xisigr of Tencent\u0027s Xuanwu Lab (tencent.com)\nCVE-2017-13798: Ivan Fratric of Google Project Zero\nCVE-2017-13795: Ivan Fratric of Google Project Zero\nCVE-2017-13802: Ivan Fratric of Google Project Zero\nCVE-2017-13792: Ivan Fratric of Google Project Zero\nCVE-2017-13794: Ivan Fratric of Google Project Zero\nCVE-2017-13791: Ivan Fratric of Google Project Zero\nCVE-2017-13796: Ivan Fratric of Google Project Zero\nCVE-2017-13793: Hanul Choi working with Trend Micro\u0027s Zero Day\nInitiative\nCVE-2017-13803: chenqin (ee|) of Ant-financial Light-Year Security\n\nInstallation note:\n\nSafari 11.1 may be obtained from the Mac App Store. \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAln4u8ApHHByb2R1Y3Qt\nc2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEY+1g//\nW98M5GMrH1S9J4VcAabTBLiq6evw7NUgpxmF2Qq8X9qaQz5MjUGJB2Ix5qOp9DXV\n4YiUMyhj0T62SQa+i9AJTUUc5uwroA605wQUM3FsvYOYB1TUByTAw9fKc/tNCZtO\nW61vSO7BDQj3Xe/yqk22sqGcuWR2AvFoF6M/uTz2ZEunAhTafybLLTjA3GSW9LzR\nh1gW88AleBxDiQD7wYJFL5z6PH6h3602sptiPc0tI311hufe0Gee+eVEXuuxmzrM\nPNQgfuXJ8v0GdRtOxJMZgICBqDQ7OveNZGjTc7pSiX20+gzwG8HWVG4qkg8nTnAE\nI+4+9mFZhO0UEcpts9pr9TBgqFxREHsqOORKC3WfEBBNI1R6deUNKjGoldrF3ES9\nsyuDV8cJuOlTsoohkpumJYcZ622CLI5VCSDN3pEXygGiy8CGjHzbAPRcCZ6sGs3f\nLWVfMfZRYA+7vk5CxhEzZz8mI+P+W8LkUqbSBiXAfPAzUjwmUdLaX89JFCy0vqjD\n+CI0PF6OJfQNoEM/gWffm2ZmE1N7B4xXvVAzfIvyCAfKfZ3OM0edK5sNi9WAuBoa\nkTwMP/AKEaBniV8DeaD8PJiEhRU3PTPgTRSR9XZSLX5mxdgl9zXnBM92Nu75BS1e\nSfA+ulWYKFufKAnQIPL9CyRSI4kfLy3JvXryMw6DHcU=\n=rc1A\n-----END PGP SIGNATURE-----\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13790"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010334"
},
{
"db": "VULHUB",
"id": "VHN-104448"
},
{
"db": "PACKETSTORM",
"id": "144861"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-13790",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1039706",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU99000953",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010334",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201709-099",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-104448",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144861",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104448"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010334"
},
{
"db": "PACKETSTORM",
"id": "144861"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-099"
},
{
"db": "NVD",
"id": "CVE-2017-13790"
}
]
},
"id": "VAR-201711-0478",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-104448"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T19:28:45.623000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Apple security updates",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT201222"
},
{
"title": "HT208223",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT208223"
},
{
"title": "HT208223",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT208223"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010334"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104448"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010334"
},
{
"db": "NVD",
"id": "CVE-2017-13790"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://support.apple.com/ht208223"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1039706"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13790"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13790"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu99000953/index.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13795"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13802"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13785"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13798"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13784"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13796"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13791"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13803"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13789"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13792"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13794"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13793"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13783"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13788"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104448"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010334"
},
{
"db": "PACKETSTORM",
"id": "144861"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-099"
},
{
"db": "NVD",
"id": "CVE-2017-13790"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-104448"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010334"
},
{
"db": "PACKETSTORM",
"id": "144861"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-099"
},
{
"db": "NVD",
"id": "CVE-2017-13790"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-13T00:00:00",
"db": "VULHUB",
"id": "VHN-104448"
},
{
"date": "2017-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010334"
},
{
"date": "2017-11-02T23:34:42",
"db": "PACKETSTORM",
"id": "144861"
},
{
"date": "2017-08-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-099"
},
{
"date": "2017-11-13T03:29:00.520000",
"db": "NVD",
"id": "CVE-2017-13790"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-104448"
},
{
"date": "2017-12-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010334"
},
{
"date": "2017-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-099"
},
{
"date": "2024-11-21T03:11:40.340000",
"db": "NVD",
"id": "CVE-2017-13790"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-099"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Safari of Safari Component address bar spoofing vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010334"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-099"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…