First published: Mon Nov 13 2017(Updated: )
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTunes before 12.7.1 on Windows is affected. tvOS before 11.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Credit: product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Safari | <11.0.1 | |
Apple iPhone OS | <11.1 | |
Apple tvOS | <11.1 | |
Apple iCloud | <7.1 | |
Apple iTunes | <12.7.1 | |
Microsoft Windows | ||
Apple Webkit |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-13803 is a vulnerability that affects certain Apple products, including iOS before 11.1, Safari before 11.0.1, iCloud before 7.1 on Windows, iTunes before 12.7.1 on Windows, and tvOS before 11.1.
CVE-2017-13803 has a severity score of 8.8 (high).
CVE-2017-13803 affects iOS versions up to but not including 11.1, Safari version up to but not including 11.0.1, iCloud versions up to but not including 7.1 on Windows, iTunes versions up to but not including 12.7.1 on Windows, and tvOS versions up to but not including 11.1.
CVE-2017-13803 involves a vulnerability in the "WebKit" component of certain Apple products, which can be exploited by remote attackers.
To fix CVE-2017-13803, it is recommended to update your affected Apple products to the latest available versions.