What is the severity of CVE-2017-2356?

CVE-2017-2356 is considered a moderate severity vulnerability due to its potential for memory corruption issues.

How do I fix CVE-2017-2356?

To fix CVE-2017-2356, upgrade your affected Apple device to the latest version such as iOS 10.2.1, Safari 10.0.3, or other respective updated software.

Which Apple products are affected by CVE-2017-2356?

CVE-2017-2356 affects iOS before 10.2.1, Safari before 10.0.3, iCloud before 6.1.1, iTunes before 12.5.5, and tvOS before 10.1.1.

What type of issues does CVE-2017-2356 address?

CVE-2017-2356 addresses multiple memory corruption issues through improved input validation.

Is CVE-2017-2356 related to WebKit?

Yes, CVE-2017-2356 includes vulnerabilities found in WebKit, specifically affecting applications like Safari.

Vulnerability/
CVE-2017-2356

high

8.8

CWE

20 119

23/1/2017

20/2/2017

5/8/2024

CVE-2017-2356: Input Validation

First published: Mon Jan 23 2017(Updated: )

WebKit. Multiple memory corruption issues were addressed through improved input validation.

Credit: Team Pangu lokihardt at PwnFest 2016 Ivan Fratric Google Project ZeroKai Kang Tencent product-security@apple.com

Affected Software	Affected Version	How to fix
iOS	<10.2.1
Apple Mobile Safari	<10.0.3
Apple iCloud for Windows	<6.1.1
Apple iTunes for Windows	<12.5.5
tvOS	<10.1.1
WebKitGTK+	<2.16.3
Apple iOS, iPadOS, and watchOS	<10.2.1	10.2.1

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

HT207482

Peer vulnerabilities

(Found alongside the following vulnerabilities)

Frequently Asked Questions

What is the severity of CVE-2017-2356?
CVE-2017-2356 is considered a moderate severity vulnerability due to its potential for memory corruption issues.
How do I fix CVE-2017-2356?
To fix CVE-2017-2356, upgrade your affected Apple device to the latest version such as iOS 10.2.1, Safari 10.0.3, or other respective updated software.
Which Apple products are affected by CVE-2017-2356?
CVE-2017-2356 affects iOS before 10.2.1, Safari before 10.0.3, iCloud before 6.1.1, iTunes before 12.5.5, and tvOS before 10.1.1.
What type of issues does CVE-2017-2356 address?
CVE-2017-2356 addresses multiple memory corruption issues through improved input validation.
Is CVE-2017-2356 related to WebKit?
Yes, CVE-2017-2356 includes vulnerabilities found in WebKit, specifically affecting applications like Safari.

agent/type
agent/first-publish-date
agent/severity
agent/references
agent/weakness
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/trending
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
collector/apple-support
alias/CVE-2017-2369
alias/CVE-2017-2366
vendor/apple
canonical/ios
canonical/apple mobile safari
canonical/apple icloud for windows
canonical/apple itunes for windows
canonical/tvos
vendor/webkitgtk
canonical/webkitgtk+
canonical/apple ios, ipados, and watchos

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.