漏洞信息详情

多款CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple产品WebKit 安全漏洞

• CNNVD编号：CNNVD-201703-893
• 危害等级： 高危
  
• CVE编号： CVE-2017-7156
• 漏洞类型： 缓冲区错误
• 发布时间： 2017-03-21
• 威胁类型： 远程
• 更新时间： 2019-03-13
• 厂        商： CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple
• 漏洞来源：

漏洞简介

CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple iOS、iCloud for Windows、iTunes for Windows、Safari和tvOS都是美国苹果（CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple）公司的产品。CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple iOS是一套为专移动设备所开发的一套操作系统；Safari是一款Web浏览器，是Mac OS X和iOS操作系统附带的默认浏览器。WebKit是KDE社区开发的一套开源Web浏览器引擎，目前被CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Safari及Google CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome等浏览器使用。

多款CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple产品中的WebKit组件存在安全漏洞。远程攻击者可借助特制的网站利用该漏洞执行任意代码或造成拒绝服务（内存损坏和应用程序崩溃）。以下产品和版本受到影响：CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple iOS 11.2之前的版本；Safari 11.0.2之前的版本；基于Windows平台的iCloud 7.2之前的版本；基于Windows平台的iTunes 12.7.2之前的版本；tvOS 11.2之前的版本。

漏洞公告

目前厂商已发布升级补丁以修复漏洞，补丁获取链接：

https://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/zh-cn/HT208324

https://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/zh-cn/HT208326

https://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/zh-cn/HT208327

https://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/zh-cn/HT208328

https://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/zh-cn/HT208334

参考网址

来源:BID

链接:http://www.securityfocus.com/bid/102181

来源:SECTRACK

链接:http://www.securitytracker.com/id/1040012

来源:SECTRACK

链接:http://www.securitytracker.com/id/1040013

来源:CONFIRM

链接:https://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/HT208334

来源:GENTOO

链接:https://security.gentoo.org/glsa/201801-09

来源:CONFIRM

链接:https://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/HT208324

来源:CONFIRM

链接:https://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/HT208327

来源:CONFIRM

链接:https://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/HT208326

来源:CONFIRM

链接:https://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/HT208328

受影响实体

• CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Safari:1.1  
• CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Safari:1.0b1:-:Mac  
• CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple_tv:4.2.1  
• CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple_tv:4.2.0  
• CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple_tv:4.1.1  

补丁

• 多款CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple产品WebKit 安全漏洞的修复措施