CVE-2017-2547: Buffer Overflow
First published: Mon May 22 2017(Updated: )
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Mobile Safari | <=10.1 | |
| iStyle @cosme iPhone OS | <=10.3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-2547?
CVE-2017-2547 is rated as a high severity vulnerability due to its potential to allow remote code execution.
How do I fix CVE-2017-2547?
To mitigate CVE-2017-2547, users should update their iOS devices to version 10.3.2 or later and Safari to version 10.1.1 or later.
What components are affected by CVE-2017-2547?
CVE-2017-2547 affects the WebKit component in iOS and Safari versions prior to their respective secure releases.
Can CVE-2017-2547 lead to data loss?
Yes, CVE-2017-2547 can lead to denial of service, which may result in application crashes and potential data loss.
Who is at risk from CVE-2017-2547?
Users of iOS versions before 10.3.2 and Safari versions before 10.1.1 are at risk from CVE-2017-2547.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/apple
- canonical/apple mobile safari
- version/apple mobile safari/10.1
- canonical/istyle @cosme iphone os
- version/istyle @cosme iphone os/10.3.1