mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
197 lines
6.0 KiB
JSON
197 lines
6.0 KiB
JSON
{
|
|
"id": "CVE-2017-2530",
|
|
"sourceIdentifier": "product-security@apple.com",
|
|
"published": "2017-05-22T05:29:01.770",
|
|
"lastModified": "2024-11-21T03:23:43.177",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. iCloud before 6.2.1 on Windows is affected. tvOS before 10.2.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Se ha detectado un problema en ciertos productos de Apple. iOS versi\u00f3n anterior a 10.3.2 se ve afectado. Safari versi\u00f3n anterior a 10.1.1 se ve afectado. iCloud versi\u00f3n anterior a 6.2.1 en Windows se ve afectado. TVOS versi\u00f3n anterior a 10.2.1 se ve afectado. El problema involucra el componente \"WebKit\". Permite a los atacantes remotos ejecutar un c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y bloqueo de aplicaci\u00f3n) por medio de un sitio web creado."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV30": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.0",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
|
"baseScore": 8.8,
|
|
"baseSeverity": "HIGH",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "REQUIRED",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH"
|
|
},
|
|
"exploitabilityScore": 2.8,
|
|
"impactScore": 5.9
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
|
"baseScore": 6.8,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*",
|
|
"versionEndIncluding": "6.2",
|
|
"matchCriteriaId": "DF4256D8-E61B-48F3-818F-D8E48EB1F508"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "10.1",
|
|
"matchCriteriaId": "5AD72565-70D0-4922-83CB-BC3DEF5C9FA1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "10.3.1",
|
|
"matchCriteriaId": "7C1766D9-DF3D-4EDC-9DDB-7762815B85C6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "10.2",
|
|
"matchCriteriaId": "3C4D06EB-E1E6-41F9-9C22-3E362A8DAC3C"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/98455",
|
|
"source": "product-security@apple.com"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id/1038487",
|
|
"source": "product-security@apple.com"
|
|
},
|
|
{
|
|
"url": "https://security.gentoo.org/glsa/201706-15",
|
|
"source": "product-security@apple.com"
|
|
},
|
|
{
|
|
"url": "https://support.apple.com/HT207798",
|
|
"source": "product-security@apple.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://support.apple.com/HT207801",
|
|
"source": "product-security@apple.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://support.apple.com/HT207803",
|
|
"source": "product-security@apple.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://support.apple.com/HT207804",
|
|
"source": "product-security@apple.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/98455",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id/1038487",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://security.gentoo.org/glsa/201706-15",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://support.apple.com/HT207798",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://support.apple.com/HT207801",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://support.apple.com/HT207803",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://support.apple.com/HT207804",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |