CVSS: 9.3EPSS: 0%CPEs: 7EXPL: 0CVE-2017-7024
https://notcve.org/view.php?id=CVE-2017-7024
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Fue encontrado un problema en ciertos productos de Apple. iOS anterior a versión 10.3.3 se ve afectado. MacOS anterior a versión 10.12.6 se ve afectado. • http://www.securityfocus.com/bid/99883 http://www.securitytracker.com/id/1038950 https://support.apple.com/HT207922 https://support.apple.com/HT207923 https://support.apple.com/HT207924 https://support.apple.com/HT207925 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2017-7052 – Apple Safari Frame Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-7052
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Fue encontrado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.3 se ve afectado. • http://www.securityfocus.com/bid/99885 http://www.securitytracker.com/id/1038950 https://support.apple.com/HT207921 https://support.apple.com/HT207923 https://support.apple.com/HT207924 https://support.apple.com/HT207927 https://support.apple.com/HT207928 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-7053 – Apple iTunes iPodService Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-7053
An issue was discovered in certain Apple products. iTunes before 12.6.2 on Windows is affected. The issue involves the "iTunes" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. Fue detectado un problema en ciertos productos de Apple. iTunes versión anterior a 12.6.2 en Windows se ve afectado. El tema involucra el componente "iTunes". • http://www.securityfocus.com/bid/99884 https://support.apple.com/HT207928 •
CVSS: 8.8EPSS: 6%CPEs: 5EXPL: 1CVE-2017-6984 – WebKit JSC - 'Intl.getCanonicalLocales' Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-6984
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. iTunes before 12.6.1 on Windows is affected. tvOS before 10.2.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Se ha detectado un problema en ciertos productos de Apple. iOS versión anterior a 10.3.2 se ve afectado. • https://www.exploit-db.com/exploits/42191 http://www.securityfocus.com/bid/98454 http://www.securitytracker.com/id/1038487 https://security.gentoo.org/glsa/201706-15 https://support.apple.com/HT207798 https://support.apple.com/HT207801 https://support.apple.com/HT207804 https://support.apple.com/HT207805 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2017-2479 – Apple WebKit / Safari 10.0.3 (12602.4.8) - Universal Cross-Site Scripting via a Focus Event and a Link Element
https://notcve.org/view.php?id=CVE-2017-2479
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. • https://www.exploit-db.com/exploits/41866 http://www.securityfocus.com/bid/97176 http://www.securitytracker.com/id/1038157 https://support.apple.com/HT207599 https://support.apple.com/HT207600 https://support.apple.com/HT207601 https://support.apple.com/HT207607 https://support.apple.com/HT207617 • CWE-20: Improper Input Validation •