CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0CVE-2017-7105
https://notcve.org/view.php?id=CVE-2017-7105
An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is affected. watchOS before 4 is affected. The issue involves the "Wi-Fi" component. It might allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via crafted Wi-Fi traffic. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11, las versiones de tvOS anteriores a la 11 y las versiones de watchOS anteriores a la 4. • http://www.securityfocus.com/bid/100927 http://www.securitytracker.com/id/1039385 https://bugs.chromium.org/p/project-zero/issues/detail?id=1305 https://support.apple.com/HT208112 https://support.apple.com/HT208113 https://support.apple.com/HT208115 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-7106
https://notcve.org/view.php?id=CVE-2017-7106
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/100893 http://www.securitytracker.com/id/1039384 http://www.securitytracker.com/id/1039385 https://support.apple.com/HT208112 https://support.apple.com/HT208116 https://support.apple.com/HT208142 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7088
https://notcve.org/view.php?id=CVE-2017-7088
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacking a cleartext AutoDiscover V1 session during the setup of an Exchange account. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11. • http://www.securityfocus.com/bid/100892 http://www.securitytracker.com/id/1039385 https://support.apple.com/HT208112 • CWE-275: Permission Issues •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7133
https://notcve.org/view.php?id=CVE-2017-7133
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "MobileBackup" component. It allows remote attackers to obtain sensitive cleartext information in opportunistic circumstances by leveraging read access to a backup archive that was supposed to have been encrypted. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11. • http://www.securityfocus.com/bid/100892 http://www.securitytracker.com/id/1039385 https://support.apple.com/HT208112 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7097
https://notcve.org/view.php?id=CVE-2017-7097
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Mail MessageUI" component. It allows attackers to cause a denial of service (memory corruption) via a crafted image. Se ha descubierto un problema en ciertos productos Apple. Se han visto afectadas las versiones de iOS anteriores a la 11. • http://www.securityfocus.com/bid/100929 http://www.securitytracker.com/id/1039385 https://support.apple.com/HT208112 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •