CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-13788
https://notcve.org/view.php?id=CVE-2017-13788
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • http://www.securitytracker.com/id/1039703 https://security.gentoo.org/glsa/201712-01 https://support.apple.com/HT208219 https://support.apple.com/HT208222 https://support.apple.com/HT208223 https://support.apple.com/HT208224 https://support.apple.com/HT208225 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 61%CPEs: 7EXPL: 1CVE-2017-13796 – WebKit - 'WebCore::TreeScope::documentScope' Use-After-Free
https://notcve.org/view.php?id=CVE-2017-13796
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en algunos productos Apple. • https://www.exploit-db.com/exploits/43166 http://www.securitytracker.com/id/1039703 https://security.gentoo.org/glsa/201712-01 https://support.apple.com/HT208219 https://support.apple.com/HT208222 https://support.apple.com/HT208223 https://support.apple.com/HT208224 https://support.apple.com/HT208225 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2017-7107
https://notcve.org/view.php?id=CVE-2017-7107
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/100994 http://www.securitytracker.com/id/1039384 http://www.securitytracker.com/id/1039428 https://support.apple.com/HT208112 https://support.apple.com/HT208113 https://support.apple.com/HT208116 https://support.apple.com/HT208141 https://support.apple.com/HT208142 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2017-7109
https://notcve.org/view.php?id=CVE-2017-7109
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via crafted web content that incorrectly interacts with the Application Cache policy. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/101005 http://www.securitytracker.com/id/1039384 http://www.securitytracker.com/id/1039428 https://support.apple.com/HT208112 https://support.apple.com/HT208113 https://support.apple.com/HT208116 https://support.apple.com/HT208141 https://support.apple.com/HT208142 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2017-7090
https://notcve.org/view.php?id=CVE-2017-7090
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive cookie information via a custom URL scheme. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/100995 http://www.securitytracker.com/id/1039384 http://www.securitytracker.com/id/1039428 https://support.apple.com/HT208112 https://support.apple.com/HT208113 https://support.apple.com/HT208116 https://support.apple.com/HT208141 https://support.apple.com/HT208142 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •