This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Apple First view 2010-02-18
Product Webkit Last view 2017-12-27
Version - Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:apple:webkit

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.8 2017-12-27 CVE-2017-7160

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-12-27 CVE-2017-7157

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-12-27 CVE-2017-7156

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-12-25 CVE-2017-13870

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-12-25 CVE-2017-13866

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-12-25 CVE-2017-13856

An issue was discovered in certain Apple products. iOS before 11.2 is affected. Safari before 11.0.2 is affected. iCloud before 7.2 on Windows is affected. iTunes before 12.7.2 on Windows is affected. tvOS before 11.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-11-12 CVE-2017-13803

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-11-12 CVE-2017-13802

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-11-12 CVE-2017-13798

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-11-12 CVE-2017-13796

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-11-12 CVE-2017-13795

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-11-12 CVE-2017-13794

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-11-12 CVE-2017-13793

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-11-12 CVE-2017-13792

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-11-12 CVE-2017-13791

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-11-12 CVE-2017-13788

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-11-12 CVE-2017-13785

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-11-12 CVE-2017-13784

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-11-12 CVE-2017-13783

An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-07-20 CVE-2017-7061

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-07-20 CVE-2017-7056

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-07-20 CVE-2017-7055

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-07-20 CVE-2017-7052

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-07-20 CVE-2017-7049

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

8.8 2017-07-20 CVE-2017-7048

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. Safari before 10.1.2 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

CWE : Common Weakness Enumeration

%idName
76% (32) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
4% (2) CWE-200 Information Exposure
2% (1) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
2% (1) CWE-399 Resource Management Errors
2% (1) CWE-362 Race Condition
2% (1) CWE-264 Permissions, Privileges, and Access Controls
2% (1) CWE-255 Credentials Management
2% (1) CWE-203 Information Exposure Through Discrepancy
2% (1) CWE-94 Failure to Control Generation of Code ('Code Injection')
2% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')

Open Source Vulnerability Database (OSVDB)

id Description
67296 WebKit WebCore loader/DocumentThreadableLoader.cpp XMLHttpRequest Implementat...
67295 WebKit WebCore page/Geolocation.cpp lastPosition Function Access Restriction ...
62462 Google Chrome WebKit Image Decoder Sandbox Malformed GIF File Arbitrary Code ...
62317 Google Chrome ruby Tag Handling Arbitrary Code Execution
62308 Google Chrome WebKit Directory Listing XMLHttpRequests Information Disclosure
62307 Google Chrome WebKit CSS Stylesheet Cross-origin Information Disclosure

OpenVAS Exploits

id Description
2011-03-07 Name : Mandriva Update for webkit MDVSA-2011:039 (webkit)
File : nvt/gb_mandriva_MDVSA_2011_039.nasl
2011-02-18 Name : Fedora Update for webkitgtk FEDORA-2011-1224
File : nvt/gb_fedora_2011_1224_webkitgtk_fc13.nasl
2011-01-11 Name : Fedora Update for webkitgtk FEDORA-2011-0121
File : nvt/gb_fedora_2011_0121_webkitgtk_fc13.nasl
2010-10-22 Name : Fedora Update for webkitgtk FEDORA-2010-15957
File : nvt/gb_fedora_2010_15957_webkitgtk_fc13.nasl
2010-10-22 Name : Fedora Update for webkitgtk FEDORA-2010-15982
File : nvt/gb_fedora_2010_15982_webkitgtk_fc12.nasl
2010-10-22 Name : Ubuntu Update for webkit vulnerabilities USN-1006-1
File : nvt/gb_ubuntu_USN_1006_1.nasl
2010-09-22 Name : Fedora Update for webkitgtk FEDORA-2010-14409
File : nvt/gb_fedora_2010_14409_webkitgtk_fc13.nasl
2010-09-22 Name : Fedora Update for webkitgtk FEDORA-2010-14419
File : nvt/gb_fedora_2010_14419_webkitgtk_fc12.nasl
2010-07-22 Name : FreeBSD Ports: webkit-gtk2
File : nvt/freebsd_webkit-gtk2.nasl
2010-07-16 Name : Fedora Update for qt FEDORA-2010-11011
File : nvt/gb_fedora_2010_11011_qt_fc13.nasl
2010-07-16 Name : Fedora Update for qt FEDORA-2010-11020
File : nvt/gb_fedora_2010_11020_qt_fc12.nasl
2010-05-17 Name : Fedora Update for qt FEDORA-2010-8360
File : nvt/gb_fedora_2010_8360_qt_fc12.nasl
2010-05-17 Name : Fedora Update for qt FEDORA-2010-8379
File : nvt/gb_fedora_2010_8379_qt_fc11.nasl
2010-03-31 Name : Fedora Update for qt FEDORA-2010-4524
File : nvt/gb_fedora_2010_4524_qt_fc11.nasl
2010-03-31 Name : Fedora Update for qt FEDORA-2010-4518
File : nvt/gb_fedora_2010_4518_qt_fc12.nasl
2010-02-22 Name : Google Chrome Multiple Vulnerabilities - (Win)
File : nvt/secpod_google_chrome_mult_vuln_win01.nasl
2010-02-22 Name : Google Chrome Multiple Vulnerabilities - (Windows)
File : nvt/secpod_google_chrome_mult_vuln_win02.nasl

Snort® IPS/IDS

Date Description
2020-06-13 WebKit use-after-free remote code execution attempt
RuleID : 53976 - Type : BROWSER-WEBKIT - Revision : 1
2019-03-28 Adobe Acrobat Pro HTML use-after-free attempt
RuleID : 49281 - Type : FILE-OTHER - Revision : 2
2019-03-28 Adobe Acrobat Pro HTML use-after-free attempt
RuleID : 49280 - Type : FILE-OTHER - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-03-29 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_1ce95bc7327811e8b52700012e582166.nasl - Type: ACT_GATHER_INFO
2018-03-22 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201803-11.nasl - Type: ACT_GATHER_INFO
2018-02-05 Name: The remote Fedora host is missing a security update.
File: fedora_2018-43712163de.nasl - Type: ACT_GATHER_INFO
2018-01-29 Name: The remote Fedora host is missing a security update.
File: fedora_2018-3199135a7e.nasl - Type: ACT_GATHER_INFO
2018-01-15 Name: The remote Fedora host is missing a security update.
File: fedora_2017-3433c9245d.nasl - Type: ACT_GATHER_INFO
2018-01-15 Name: The remote Fedora host is missing a security update.
File: fedora_2017-06b373d942.nasl - Type: ACT_GATHER_INFO
2018-01-10 Name: The remote Fedora host is missing a security update.
File: fedora_2017-0ad0e2f390.nasl - Type: ACT_GATHER_INFO
2018-01-08 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_7_2_banner.nasl - Type: ACT_GATHER_INFO
2018-01-08 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_7_2.nasl - Type: ACT_GATHER_INFO
2018-01-08 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201801-09.nasl - Type: ACT_GATHER_INFO
2018-01-05 Name: The remote Apple TV device is affected by multiple vulnerabilities.
File: appletv_11_2.nasl - Type: ACT_GATHER_INFO
2018-01-03 Name: A web browser installed on the remote macOS or Mac OS X host is affected by m...
File: macosx_Safari11_0_2.nasl - Type: ACT_GATHER_INFO
2017-12-15 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201712-01.nasl - Type: ACT_GATHER_INFO
2017-11-29 Name: The remote Fedora host is missing a security update.
File: fedora_2017-4d5618a962.nasl - Type: ACT_GATHER_INFO
2017-11-29 Name: The remote Fedora host is missing a security update.
File: fedora_2017-077334783e.nasl - Type: ACT_GATHER_INFO
2017-11-17 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-3481-1.nasl - Type: ACT_GATHER_INFO
2017-11-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-1268.nasl - Type: ACT_GATHER_INFO
2017-11-07 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-2933-1.nasl - Type: ACT_GATHER_INFO
2017-11-03 Name: The remote Apple TV device is affected by multiple vulnerabilities.
File: appletv_11_1.nasl - Type: ACT_GATHER_INFO
2017-11-02 Name: A web browser installed on the remote macOS or Mac OS X host is affected by m...
File: macosx_Safari11_1.nasl - Type: ACT_GATHER_INFO
2017-11-02 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_7_1_banner.nasl - Type: ACT_GATHER_INFO
2017-11-02 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_7_1.nasl - Type: ACT_GATHER_INFO
2017-10-16 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201710-14.nasl - Type: ACT_GATHER_INFO
2017-08-11 Name: The remote Fedora host is missing a security update.
File: fedora_2017-9d572cc64a.nasl - Type: ACT_GATHER_INFO
2017-08-03 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-3376-1.nasl - Type: ACT_GATHER_INFO