SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Application (Web Browser)  >   Apple Safari Vendors:   Apple
Apple Safari Multiple Bugs Let Remote Users Obtain Potentially Sensitive Information, Conduct Cross-Site Scripting Attacks, Bypass Security, Deny Service, and Execute Arbitrary Code
SecurityTracker Alert ID:  1038137
SecurityTracker URL:  http://securitytracker.com/id/1038137
CVE Reference:   CVE-2016-9642, CVE-2016-9643, CVE-2017-2364, CVE-2017-2367, CVE-2017-2376, CVE-2017-2377, CVE-2017-2378, CVE-2017-2385, CVE-2017-2386, CVE-2017-2389, CVE-2017-2394, CVE-2017-2395, CVE-2017-2396, CVE-2017-2405, CVE-2017-2415, CVE-2017-2419, CVE-2017-2424, CVE-2017-2433, CVE-2017-2442, CVE-2017-2444, CVE-2017-2445, CVE-2017-2446, CVE-2017-2447, CVE-2017-2453, CVE-2017-2454, CVE-2017-2455, CVE-2017-2459, CVE-2017-2460, CVE-2017-2464, CVE-2017-2465, CVE-2017-2466, CVE-2017-2468, CVE-2017-2469, CVE-2017-2470, CVE-2017-2471, CVE-2017-2475, CVE-2017-2476, CVE-2017-2481   (Links to External Site)
Date:  Mar 27 2017
Impact:   Denial of service via network, Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of system information, Modification of user information, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 10.1
Description:   Multiple vulnerabilities were reported in Apple Safari. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can cause denial of service conditions on the target system. A local user can obtain potentially sensitive information. A remote user can bypass security controls on the target system. A remote user can obtain potentially sensitive information on the target system. A remote user can spoof bookmarks and content. A remote user can conduct cross-site scripting attacks.

A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target user's system.

A memory corruption error may occur in CoreGraphics [CVE-2017-2444].

Memory corruption errors may occur in WebKit [CVE-2016-9642, CVE-2017-2394, CVE-2017-2395, CVE-2017-2396, CVE-2017-2405, CVE-2017-2433, CVE-2017-2454, CVE-2017-2455, CVE-2017-2459, CVE-2017-2460, CVE-2017-2464, CVE-2017-2465, CVE-2017-2466, CVE-2017-2468, CVE-2017-2469, CVE-2017-2470, CVE-2017-2476, CVE-2017-2481].

A type confusion error may occur [CVE-2017-2415].

A Content Security Policy access error may occur [CVE-2017-2419].

A logic error in the handling of strict mode functions may occur [CVE-2017-2446].

A use after free memory error may occur [CVE-2017-2471].

When the target user closes a window when paused in the debugger, the application may terminate [CVE-2017-2377].

A remote user can create specially crafted content that, when loaded by the target user, will exploit a flaw in the processing of OpenGL shaders and access portions of process memory on the target system [CVE-2017-2424].

A remote user can exploit a page loading flaw to bypass cross-origin restrictions [CVE-2017-2367].

A remote user can exploit a page loading error in WebKit JavaScript Bindings to bypass cross-origin restrictions [CVE-2017-2442].

A remote user can triigger a memory corruption error to obtain potentially sensitive information on the target user's system [CVE-2017-2447].

A remote user can trigger a regex processing flaw in WebKit to consume excessive memory on the target system [CVE-2016-9643].

A remote user can create specially crafted web content that, when loaded by the target user, will bypass cross-origin restrictions to access data from another domain [CVE-2017-2386].

A remote user can trigger a state management error and disable text input until the target destination page loads to spoof address bar URLs [CVE-2017-2376].

A remote user can create specially crafted content that, when loaded by the target user, will display authentication sheets over arbitrary web sites [CVE-2017-2389].

A remote user can create a specially crafted link that, when loaded by the target user, will exploit a flaw in the handling of FaceTime prompts to spoof the user interface [CVE-2017-2453].

A remote user can create a specially crafted link that, when dragged and dropped by the target user will trigger a bookmark validation flaw and spoof a bookmark or execute arbitrary code on the target system [CVE-2017-2378].

The software does not properly filter HTML code from user-supplied input before displaying the input [CVE-2017-2445, CVE-2017-2475]. A remote user can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the site running the Apple Safari software and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

A local user can exploit a flaw in the Login AutoFill function to access locked keychain items [CVE-2017-2385].

0011 (via Trend Micro's Zero Day Initiative), Andre Bargull, Gustavo Grieco, Ivan Fratric of Google Project Zero, Jeonghoon Shin, Kai Kang of Tencent's Xuanwu Lab (tentcent.com), Mei Wang of 360 GearTeam, Natalie Silvanovich of Google Project Zero, Nicolai Grodum of Cisco Systems, Paul Thomson (using the GLFuzz tool) of the Multicore Programming Group,
Imperial College London, ShenYeYinJiu of Tencent Security Response Center, TSRC, Simon Woodside of MedStack, Vicki Pfau, Zheng Huang and Wei Yuan of Baidu Security Lab, an anonymous researcher, Chris Hlady of Google Inc, Yuyang Zhou of Tencent Security Platform Department (security.tencent.com), Muneaki Nishimura (nishimunea) of Recruit Technologies Co., Ltd., Michal Zalewski of Google Inc, an anonymous researcher,
lokihardt of Google Project Zero, and xisigr of Tencent's Xuanwu Lab (tencent.com) reported these vulnerabilities.

Impact:   A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.

A remote user can cause denial of service conditions.

A local user can obtain potentially sensitive information on the target system.

A remote user can bypass security controls on the target system.

A remote user can obtain potentially sensitive information on the target system.

A remote user can spoof a URL.

A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the Apple Safari software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

Solution:   The vendor has issued a fix (10.1).

The vendor advisory is available at:

https://support.apple.com/en-us/HT207600

Cause:   Not specified
Underlying OS:  UNIX (macOS/OS X)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Mar 28 2017 (Apple Issues Fix for Apple TV) Apple Safari Multiple Bugs Let Remote Users Obtain Potentially Sensitive Information, Conduct Cross-Site Scripting Attacks, Bypass Security, Deny Service, and Execute Arbitrary Code
Apple has issued a fix for Apple TV.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2017, SecurityGlobal.net LLC