CVE-2017-6975
published 2017-04-05CVE-2017-6975: Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point. NOTE: because an operating…
PriorityP424medium6.8CVSS 3.0
AVPACLPRNUINSUCHIHAH
EPSS
0.06%
19.4th percentile
Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point. NOTE: because an operating system could potentially isolate itself from CVE-2017-6956 exploitation without patching Broadcom firmware functions, there is a separate CVE ID for the operating-system behavior.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | apple_tv_software | — | — |
| apple | ios | — | — |
| apple | iphone_os | <= 10.3 | — |
CVSS provenance
nvdv3.06.8MEDIUMCVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
GHSA
GHSA-4hvm-x6v7-c64m: Wi-Fi in Apple iOS before 10
ghsa_unreviewed·2022-05-14·CVSS 8.8
CVE-2017-6975 [HIGH] CWE-119 GHSA-4hvm-x6v7-c64m: Wi-Fi in Apple iOS before 10
Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point. NOTE: because an operating system could potentially isolate itself from CVE-2017-6956 exploitation without patching Broadcom firmware functions, there is a separate CVE ID for the operating-system behavior.
Apple
CVE-2017-6975: Apple TV Software 7.3
vendor_apple·2019-05-13·CVSS 6.8
CVE-2017-6975 [MEDIUM] CVE-2017-6975: Apple TV Software 7.3
Apple Security Update: About the security content of Apple TV Software 7.3
Product: Apple TV Software
Version: 7.3
CVE: CVE-2017-6975
Component: Wi-Fi
Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip
Description: A stack buffer overflow was addressed through improved input validation.
Apple
CVE-2017-6975: iOS 10.3.1
vendor_apple·2017-04-03·CVSS 6.8
CVE-2017-6975 [MEDIUM] CVE-2017-6975: iOS 10.3.1
Apple Security Update: About the security content of iOS 10.3.1
Product: iOS
Version: 10.3.1
CVE: CVE-2017-6975
Component: Wi-Fi
Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip
Description: A stack buffer overflow was addressed through improved input validation.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://seclists.org/fulldisclosure/2019/May/24http://www.securityfocus.com/bid/97328http://www.securitytracker.com/id/1038172https://googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_4.htmlhttps://seclists.org/bugtraq/2019/May/30https://support.apple.com/HT207688https://support.apple.com/kb/HT210121https://twitter.com/4Dgifts/status/849268365457850370http://seclists.org/fulldisclosure/2019/May/24http://www.securityfocus.com/bid/97328http://www.securitytracker.com/id/1038172https://googleprojectzero.blogspot.com/2017/04/over-air-exploiting-broadcoms-wi-fi_4.htmlhttps://seclists.org/bugtraq/2019/May/30https://support.apple.com/HT207688https://support.apple.com/kb/HT210121https://twitter.com/4Dgifts/status/849268365457850370
2017-04-05
Published