Showing 1 - 6 of 6

CVE-2017-7117

Status Candidate

Overview

An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Related Files

Ubuntu Security Notice USN-3460-1: Posted Oct 23, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3460-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.; tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss; systems | linux, ubuntu; advisories | CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091, CVE-2017-7092, CVE-2017-7093, CVE-2017-7095, CVE-2017-7096, CVE-2017-7098, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104, CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117, CVE-2017-7120; SHA-256 | 384ba8dedaf6420ae5558b7f6d647f6c22ec2ef1adbb37214209079c32ac2906; Download | Favorite | View

WebKitGTK+ Code Execution / Cookie Handling / Memory Corruption: Posted Oct 18, 2017; Authored by WebKitGTK+ Team; WebKitGTK+ has had numerous security vulnerabilities addressed including arbitrary code execution, memory corruption, cookie theft, and various other issues.; tags | advisory, arbitrary, vulnerability, code execution; advisories | CVE-2017-7081, CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091, CVE-2017-7092, CVE-2017-7093, CVE-2017-7094, CVE-2017-7095, CVE-2017-7096, CVE-2017-7098, CVE-2017-7099, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104, CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117, CVE-2017-7120, CVE-2017-7142; SHA-256 | 3a18e3f692c17224ea98fd036f7468cb2c7bfb6852fc969ed1c8f78cbe39dd1d; Download | Favorite | View

WebKit JSC Incorrect Optimization: Posted Oct 3, 2017; Authored by Google Security Research, lokihardt; A proof of concept has been released that bypasses the fix for the original finding regarding an incorrect optimization in BytecodeGenerator::emitGetByVal in WebKit JSC.; tags | exploit, proof of concept; advisories | CVE-2017-7117; SHA-256 | 424b380e7d3c1cbc0226f7a72afefbd2fcb4158f18e5251ba138a6ab2b914b5b; Download | Favorite | View