Apple tvOS vulnerabilities

CVE-2017-13783 [HIGH] CWE-119 CVE-2017-13783: An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of servi

CVE-2017-13784 [HIGH] CWE-119 CVE-2017-13784: An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of servi

CVE-2017-13788 [HIGH] CWE-119 CVE-2017-13788: An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of servi

CVE-2017-13795 [HIGH] CWE-119 CVE-2017-13795: An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of servi

CVE-2017-13793 [HIGH] CWE-119 CVE-2017-13793: An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of servi

CVE-2017-13797 [HIGH] CWE-119 CVE-2017-13797: An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of servi

CVE-2017-13803 [HIGH] CWE-119 CVE-2017-13803: An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of servi

CVE-2017-13785 [HIGH] CWE-119 CVE-2017-13785: An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of servi

CVE-2017-13802 [HIGH] CWE-119 CVE-2017-13802: An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of servi

CVE-2017-13796 [HIGH] CWE-119 CVE-2017-13796: An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of servi

CVE-2017-13799 [HIGH] CWE-119 CVE-2017-13799: An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted a

CVE-2017-13792 [HIGH] CWE-119 CVE-2017-13792: An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of servi

CVE-2017-13794 [HIGH] CWE-119 CVE-2017-13794: An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of servi

CVE-2017-13791 [HIGH] CWE-119 CVE-2017-13791: An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of servi

CVE-2017-13798 [HIGH] CWE-119 CVE-2017-13798: An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of servi

CVE-2017-13849 [MEDIUM] CWE-20 CVE-2017-13849: An issue was discovered in certain Apple products. iOS before 11.1 is affected. tvOS before 11.1 is An issue was discovered in certain Apple products. iOS before 11.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (application crash) via a crafted text file.

CVE-2017-13804 [MEDIUM] CWE-20 CVE-2017-13804: An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "StreamingZip" component. It allows remote attackers to write to unintended pathnames via a crafted ZIP archive.

CVE-2017-13852 [LOW] CWE-200 CVE-2017-13852: An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "Kernel" component. It allows attackers to monitor arbitrary apps via a crafted app that accesses process information at a high rate.

CVE-2017-13078 [MEDIUM] CVE-2017-13078: tvOS 11.1 Apple Security Update: About the security content of tvOS 11.1 Product: tvOS Version: 11.1 CVE: CVE-2017-13078 Component: Wi-Fi Impact: An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.

CVE-2017-13077 [MEDIUM] CVE-2017-13077: tvOS 11.1 Apple Security Update: About the security content of tvOS 11.1 Product: tvOS Version: 11.1 CVE: CVE-2017-13077 Component: Wi-Fi Impact: An attacker in Wi-Fi range may force nonce reuse in WPA unicast/PTK clients (Key Reinstallation Attacks - KRACK) Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.