WebKit被爆18个WebKit内存损坏漏洞 ,涉及CVE-2017-7018到CVE-2017-7061之前的18个ID,漏洞影响苹果大面积产品的多个版本,包括Apple tvOS、Apple Safari、Apple Mac OS X及server版本、Apple iTunes、Apple iPod Touch、Apple iPhone、Apple iPad 、Apple iOS 、Apple iCloud。
这些漏洞的发现的作者涉及Google 0Day项目组,腾讯安全平台 Zeng Zhiyang,百度安全实验室likemeng,蚂蚁金服实验室chenqin
WebKit多个内存损坏漏洞可以执行任意代码或远程DoS攻击
SecurityFocus评价
webkit 容易出现多个内存损坏漏洞。
成功利用漏洞,将允许攻击者在受影响浏览器的上下文中执行任意代码, 或导致拒绝服务条件;其他攻击也可能发生。
目前尚未看到相关的补丁信息发布,请密切关注苹果官网及Webkit官网。
| Bugtraq ID: | 99885 |
| Class: | Unknown |
| CVE: |
CVE-2017-7018 [出自:jiwo.org] CVE-2017-7019 CVE-2017-7020 CVE-2017-7030 CVE-2017-7034 CVE-2017-7037 CVE-2017-7039 CVE-2017-7040 CVE-2017-7041 CVE-2017-7042 CVE-2017-7043 CVE-2017-7046 CVE-2017-7048 CVE-2017-7049 CVE-2017-7052 CVE-2017-7055 CVE-2017-7056 CVE-2017-7061 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 20 2017 12:00AM |
| Updated: | Jul 20 2017 12:00AM |
| Credit: | lokihardt of Google Project Zero, Zhiyang Zeng of Tencent Security Platform Department, likemeng of Baidu Security Lab, chenqin of Ant-financial Light-Year Security Lab, Ivan Fratric of Google Project Zero |
| Vulnerable: |
WebKit Open Source Project WebKit 0 Apple tvOS 10.1.1 Apple tvOS 10.0.1 Apple tvOS 9.2.2 Apple tvOS 9.2.1 Apple tvOS 9.1.1 Apple tvOS 9.2 Apple tvOS 9.1 Apple tvOS 9.0 Apple tvOS 10.2.1 Apple tvOS 10.2 Apple tvOS 10.1 Apple tvOS 10 Apple TV 0 Apple Safari 10.0.1 Apple Safari 9.1.3 Apple Safari 9.1.2 Apple Safari 9.1.1 Apple Safari 9.0.3 Apple Safari 9.0.2 Apple Safari 9.0.1 Apple Safari 8.0.8 Apple Safari 8.0.6 Apple Safari 8.0.5 Apple Safari 8.0.4 Apple Safari 8.0.1 Apple Safari 7.1.8 Apple Safari 7.1.6 Apple Safari 7.1.5 Apple Safari 7.1.4 Apple Safari 6.2.8 Apple Safari 6.2.6 Apple Safari 6.2.5 Apple Safari 6.2.4 Apple Safari 6.2.1 Apple Safari 6.1.6 Apple Safari 6.1.3 Apple Safari 6.1.1 Apple Safari 6.0.5 Apple Safari 6.0.4 Apple Safari 6.0.3 Apple Safari 6.0.2 Apple Safari 6.0.1 Apple Safari 5.1.10 Apple Safari 5.1.6 Apple Safari 5.1.5 Apple Safari 5.0.6 Apple Safari 4.0.5 Apple Safari 4.0.4 Apple Safari 4.0.3 Apple Safari 4.0.2 Apple Safari 4.0.1 Apple Safari 3.2.3 Apple Safari 2.0.4 Apple Safari 2.0.3 Apple Safari 2.0.2 Apple Safari 2.0.1 + Apple Mac OS X 10.4.2 + Apple Mac OS X 10.4.1 + Apple Mac OS X 10.4 + Apple Mac OS X Server 10.4.2 + Apple Mac OS X Server 10.4.1 + Apple Mac OS X Server 10.4 Apple Safari 1.3.2 Apple Safari 1.3.1 Apple Safari 1.3 + Apple Mac OS X 10.3.9 Apple Safari 1.2.3 Apple Safari 1.2.2 Apple Safari 1.2.1 Apple Safari 1.2 + Apple Mac OS X 10.3.7 + Apple Mac OS X 10.3.7 + Apple Mac OS X 10.3.6 + Apple Mac OS X 10.3.6 + Apple Mac OS X 10.3.5 + Apple Mac OS X 10.3.5 + Apple Mac OS X 10.3.4 + Apple Mac OS X 10.3.4 + Apple Mac OS X 10.3.3 + Apple Mac OS X 10.3.3 + Apple Mac OS X 10.3.2 + Apple Mac OS X 10.3.2 + Apple Mac OS X 10.3.1 + Apple Mac OS X 10.3.1 + Apple Mac OS X 10.3 + Apple Mac OS X 10.3 + Apple Mac OS X 10.2.8 + Apple Mac OS X 10.2.8 + Apple Mac OS X 10.2.7 + Apple Mac OS X 10.2.7 + Apple Mac OS X 10.2.6 + Apple Mac OS X 10.2.6 + Apple Mac OS X 10.2.5 + Apple Mac OS X 10.2.5 + Apple Mac OS X 10.2.4 + Apple Mac OS X 10.2.4 + Apple Mac OS X 10.2.3 + Apple Mac OS X 10.2.3 + Apple Mac OS X 10.2.2 + Apple Mac OS X 10.2.2 + Apple Mac OS X 10.2.1 + Apple Mac OS X 10.2.1 + Apple Mac OS X 10.2 + Apple Mac OS X 10.2 + Apple Mac OS X Server 10.3.7 + Apple Mac OS X Server 10.3.6 + Apple Mac OS X Server 10.3.6 + Apple Mac OS X Server 10.3.5 + Apple Mac OS X Server 10.3.5 + Apple Mac OS X Server 10.3.4 + Apple Mac OS X Server 10.3.4 + Apple Mac OS X Server 10.3.3 + Apple Mac OS X Server 10.3.3 + Apple Mac OS X Server 10.3.2 + Apple Mac OS X Server 10.3.2 + Apple Mac OS X Server 10.3.1 + Apple Mac OS X Server 10.3.1 + Apple Mac OS X Server 10.3 + Apple Mac OS X Server 10.3 + Apple Mac OS X Server 10.2.8 + Apple Mac OS X Server 10.2.8 + Apple Mac OS X Server 10.2.7 + Apple Mac OS X Server 10.2.7 + Apple Mac OS X Server 10.2.6 + Apple Mac OS X Server 10.2.6 + Apple Mac OS X Server 10.2.5 + Apple Mac OS X Server 10.2.5 + Apple Mac OS X Server 10.2.4 + Apple Mac OS X Server 10.2.4 + Apple Mac OS X Server 10.2.3 + Apple Mac OS X Server 10.2.3 + Apple Mac OS X Server 10.2.2 + Apple Mac OS X Server 10.2.2 + Apple Mac OS X Server 10.2.1 + Apple Mac OS X Server 10.2.1 + Apple Mac OS X Server 10.2 + Apple Mac OS X Server 10.2 Apple Safari 1.1 Apple Safari 9.1 Apple Safari 9 Apple Safari 8.0.7 Apple Safari 8.0.3 Apple Safari 8.0.2 Apple Safari 8.0 Apple Safari 7.1.7 Apple Safari 6.2.7 Apple Safari 6.2.3 Apple Safari 6.2.2 Apple Safari 6.2 Apple Safari 6.1.5 Apple Safari 6.1.4 Apple Safari 6.1.2 Apple Safari 6.1 Apple Safari 6.0 Apple Safari 5.34 Apple Safari 5.33 Apple Safari 5.31 Apple Safari 5.1.7 Apple Safari 5.1.4 Apple Safari 5.1.3 Apple Safari 5.1.2 Apple Safari 5.1.1 Apple Safari 5.1 Apple Safari 5.0.5 Apple Safari 5.0.4 Apple Safari 5.0.3 Apple Safari 5.0.1 Apple Safari 5.0 Apple Safari 4.31 Apple Safari 4.30 Apple Safari 4.28 Apple Safari 4.1.3 Apple Safari 4.1.2 Apple Safari 4.1.1 Apple Safari 4.1 Apple Safari 4 Apple Safari 3.52 Apple Safari 3 Apple Safari 10.1.1 Apple Safari 10.1 Apple Safari 10.0.3 Apple Safari 10.0.2 Apple Safari 10 Apple macOS 10.12.6 Apple Mac Os X 10.11.6 Apple Mac Os X 10.10.5 Apple iTunes 12.5.5 Apple iTunes 12.5.1 Apple iTunes 12.4.2 Apple iTunes 12.3.2 Apple iTunes 12.3.1 Apple iTunes 11.2.1 Apple iTunes 11.1.5 Apple iTunes 11.1.4 Apple iTunes 11.1.3 Apple iTunes 11.1.2 Apple iTunes 11.1.1 Apple iTunes 11.0.5 Apple iTunes 11.0.4 Apple iTunes 11.0.2 Apple iTunes 10.6.3 Apple iTunes 10.6.1 Apple iTunes 10.5.1 Apple iTunes 10.1.2 Apple iTunes 4.8 Apple iTunes 4.7.1 Apple iTunes 12.6 Apple iTunes 12.5.4 Apple iTunes 12.5.2 Apple iTunes 12.4 Apple iTunes 12.3 Apple iTunes 12.2 Apple iTunes 12.0.1 Apple iTunes 11.2 Apple iTunes 11.1 Apple iTunes 11.0.3 Apple iTunes 11.0.1 Apple iTunes 11.0.0.163 Apple iTunes 11.0 Apple iTunes 10.7 Apple iTunes 10.6.1.7 Apple iTunes 10.6 Apple iTunes 10.5.3 Apple iTunes 10.5.2 Apple iTunes 10.5.1.42 Apple iTunes 10.5 Apple iTunes 10.4.1.10 Apple iTunes 10.4.1 Apple iTunes 10.4.0.80 Apple iTunes 10.4 Apple iTunes 10.3.1 Apple iTunes 10.3 Apple iTunes 10.2.2.12 Apple iTunes 10.2.2 Apple iTunes 10.2 Apple iTunes 10.1.1.4 Apple iTunes 10.1.1 Apple iTunes 10.1 Apple iTunes 10.0.1 Apple iTunes 10 Apple iPod Touch 0 Apple iPhone 0 Apple iPad 0 Apple iOS 5 0 Apple iOS 4 0 Apple iOS 3 0 Apple iOS 10.2.1 Apple iOS 10.0.1 Apple iOS 9.3.4 Apple iOS 9.3.3 Apple iOS 9.3.2 Apple iOS 9.3.1 Apple iOS 9.2.1 Apple iOS 9.0.2 Apple iOS 9.0.1 Apple iOS 8.4.1 Apple iOS 7.2 Apple iOS 7.0.6 Apple iOS 7.0.5 Apple iOS 7.0.3 Apple iOS 7.0.2 Apple iOS 7.0.1 Apple iOS 6.3.1 Apple iOS 6.1.6 Apple iOS 6.1.4 Apple iOS 6.1.3 Apple iOS 4.2.1 Apple iOS 4.0.2 Apple iOS 4.0.1 Apple iOS 3.2.2 Apple iOS 3.2.1 Apple iOS 9.3.5 Apple iOS 9.3 Apple iOS 9.2 Apple iOS 9.1 Apple iOS 9 Apple iOS 8.4 Apple iOS 8.3 Apple iOS 8.2 Apple iOS 8.1.3 Apple iOS 8.1.2 Apple iOS 8.1.1 Apple iOS 8.1 Apple iOS 8 Apple iOS 7.1.2 Apple iOS 7.1.1 Apple iOS 7.1 Apple iOS 7.0.4 Apple iOS 7 Apple iOS 6.1 Apple iOS 6.0.2 Apple iOS 6.0.1 Apple iOS 6 Apple iOS 5.1.1 Apple iOS 5.1 Apple iOS 5.0.1 Apple iOS 5 Apple iOS 4.3.5 Apple iOS 4.3.4 Apple iOS 4.3.3 Apple iOS 4.3.2 Apple iOS 4.3.1 Apple iOS 4.3 Apple iOS 4.2.9 Apple iOS 4.2.8 Apple iOS 4.2.7 Apple iOS 4.2.6 Apple iOS 4.2.5 Apple iOS 4.2.10 Apple iOS 4.2 Apple iOS 4.1 Apple iOS 4 Apple iOS 3.2 Apple iOS 3.1 Apple iOS 3.0 Apple iOS 2.1 Apple iOS 2.0 Apple iOS 10.3.1 Apple iOS 10.3 Apple iOS 10.2 Apple iOS 10.1 Apple iOS 10 Apple iCloud 6.1.1 Apple iCloud 6.2.1 Apple iCloud 6.2 Apple iCloud 6.1 Apple iCloud 6.0.1 Apple iCloud 6.0 |
| Not Vulnerable: |
Apple tvOS 10.2.2 Apple Safari 10.1.2 Apple iTunes 12.6.2 Apple iOS 10.3.3 Apple iCloud 6.2.2 |
