CVE-2017-7064: An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected…

CVE-2017-7064 [MEDIUM] CWE-20 GHSA-hpgj-7mhq-vpj4: An issue was discovered in certain Apple products An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

CVE-2017-2505 JSC Exploits - Project Zero Posted by Samuel Groß, Project Zero In this post, we will take a look at the WebKit exploits used to gain an initial foothold onto the iOS device and stage the privilege escalation exploits. All exploits here achieve shellcode execution inside the sandboxed renderer process (WebContent) on iOS. Although Chrome on iOS would have also been vulnerable to these initial browser exploits, they were only used by the attacker to target Safari and iPhones. After some general discussion, this post first provides a short walkthrough of each of the exploited WebKit bugs and how the attackers construct a memory read/write primitive from them, followed by an overview of the techniques used to gain shellcode execution and how they bypassed existing JIT code injection mitigations, namely the “bulletpr

CVE-2017-7064 [MEDIUM] CVE-2017-7064: An issue was discovered in certain Apple products An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

CVE-2017-2538 WebKitGTK+ vulnerabilities Title: WebKitGTK+ vulnerabilities Summary: Several security issues were fixed in WebKitGTK+. A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Instructions: This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes.

CVE-2017-7064 [MEDIUM] CVE-2017-7064: iOS 10.3.3 Apple Security Update: About the security content of iOS 10.3.3 Product: iOS Version: 10.3.3 CVE: CVE-2017-7064 Component: WebKit Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling.

CVE-2017-7064 [MEDIUM] CVE-2017-7064: iTunes 12.6.2 for Windows Apple Security Update: About the security content of iTunes 12.6.2 for Windows Product: iTunes 12.6.2 for Windows CVE: CVE-2017-7064 Component: WebKit Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling.

CVE-2017-7064 [MEDIUM] CVE-2017-7064: iCloud for Windows 6.2.2 Apple Security Update: About the security content of iCloud for Windows 6.2.2 Product: iCloud for Windows Version: 6.2.2 CVE: CVE-2017-7064 Component: WebKit Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling.

CVE-2017-7064 [MEDIUM] CVE-2017-7064: Safari 10.1.2 Apple Security Update: About the security content of Safari 10.1.2 Product: Safari Version: 10.1.2 CVE: CVE-2017-7064 Component: WebKit Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling.

CVE-2017-7064 [MEDIUM] CVE-2017-7064: webkit2gtk - An issue was discovered in certain Apple products. iOS before 10.3.3 is affected... An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. The issue involves the "WebKit" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. Scope: local bookworm: resolved (fixed in 2.16.6-1) bullseye: resolved (fixed in 2.16.6-1) forky: resolved (fixed in 2.16.6-1) sid: resolved (fixed in 2.16.6-1) trixie: resolved (fixed in 2.16.6-1)

CVE-2017-7064 WebKit JSC - 'JSArray::appendMemcpy' Uninitialized Memory Copy WebKit JSC - 'JSArray::appendMemcpy' Uninitialized Memory Copy --- indexingType()); if (type == ArrayWithUndecided && copyType != NonArray) { if (copyType == ArrayWithInt32) convertUndecidedToInt32(vm); else if (copyType == ArrayWithDouble) convertUndecidedToDouble(vm); else if (copyType == ArrayWithContiguous) convertUndecidedToContiguous(vm); else { ASSERT(copyType == ArrayWithUndecided); return true; } } else if (type != copyType) return false; ... if (type == ArrayWithDouble) memcpy(butterfly()->contiguousDouble().data() + startIndex, otherArray->butterfly()->contiguousDouble().data(), sizeof(JSValue) * otherLength); else memcpy(butterfly()->contiguous().data() + startIndex, otherArray->butterfly()->contiguous().data(), sizeof(JSValue) * otherLength); return true; } The method co