First published: Mon Nov 13 2017(Updated: )
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Credit: product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Safari | <11.0.1 | |
Apple iPhone OS | <11.1 | |
Apple tvOS | <11.1 | |
Apple iCloud | <7.1 | |
Apple iTunes | <12.7.1 | |
Microsoft Windows | ||
Apple Webkit |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-13798 is a vulnerability in certain Apple products that allows remote attackers to execute arbitrary code or cause a denial of service.
iOS before version 11.1, Safari before version 11.0.1, iCloud before version 7.1 on Windows, iTunes before version 12.7.1 on Windows, and tvOS before version 11.1 are affected by CVE-2017-13798.
CVE-2017-13798 has a severity rating of 8.8 out of 10, which is considered high.
To fix CVE-2017-13798, update your Apple products to the latest versions available.
More information about CVE-2017-13798 can be found at the following references: http://www.securitytracker.com/id/1039703, https://security.gentoo.org/glsa/201712-01, https://support.apple.com/HT208219.