First published: Mon Jan 23 2017(Updated: )
WebKit. A validation issue existed in the handling of variable handling. This issue was addressed through improved validation.
Credit: lokihardt Google Project Zero product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS and iPadOS | <10.2.1 | 10.2.1 |
iPhone OS | <10.2.1 | |
Safari | <10.0.3 | |
tvOS | <10.1.1 | |
WebKitGTK+ | <2.16.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2017-2365 has been classified as a moderate severity vulnerability.
To fix CVE-2017-2365, update your affected Apple devices to iOS 10.2.1, Safari 10.0.3, or tvOS 10.1.1.
CVE-2017-2365 affects iOS devices prior to version 10.2.1, Safari versions before 10.0.3, and tvOS versions before 10.1.1.
CVE-2017-2365 is a validation issue related to variable handling in WebKit.
Yes, CVE-2017-2365 can potentially be exploited remotely if users access a malicious web page.