CVE-2017-2471

Опубликовано: 02 апр. 2017

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Средний

Описание

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. watchOS before 3.2 is affected. The issue involves the "WebKit" component. A use-after-free vulnerability allows remote attackers to execute arbitrary code via a crafted web site.

Ссылки

http://www.securityfocus.com/bid/97133
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038137
https://bugs.chromium.org/p/project-zero/issues/detail?id=1105
https://security.gentoo.org/glsa/201706-15
https://support.apple.com/HT207600
Vendor Advisory
https://support.apple.com/HT207602
Vendor Advisory
https://support.apple.com/HT207617
Vendor Advisory
https://www.exploit-db.com/exploits/41813/
http://www.securityfocus.com/bid/97133
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1038137
https://bugs.chromium.org/p/project-zero/issues/detail?id=1105
https://security.gentoo.org/glsa/201706-15
https://support.apple.com/HT207600
Vendor Advisory
https://support.apple.com/HT207602
Vendor Advisory
https://support.apple.com/HT207617
Vendor Advisory
https://www.exploit-db.com/exploits/41813/

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apple:safari:10.0.3:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:10.2.1:*:*:*:*:*:*:*

cpe:2.3:o:apple:watchos:3.1.3:*:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.21319

Средний

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-416

Связанные уязвимости

CVE-2017-2471

CVSS3: 8.8

ubuntu

почти 9 лет назад

CVE-2017-2471

CVSS3: 8.8

debian

почти 9 лет назад

An issue was discovered in certain Apple products. iOS before 10.3 is ...

GHSA-73fg-98hg-p7mj

CVSS3: 8.8

github

больше 3 лет назад

BDU:2017-00872

fstec

почти 9 лет назад

Уязвимость операционной системы iOS и браузера Safari, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 96%

0.21319

Средний

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-416