CVE-2017-7013
First published: Thu Jul 20 2017(Updated: )
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxml2" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted XML file.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iCloud for Windows | <=6.2.1 | |
| Microsoft Windows | ||
| Apple iTunes for Windows | <=12.6.1 | |
| iStyle @cosme iPhone OS | <=10.3.2 | |
| Apple iOS and macOS | <=10.12.5 | |
| tvOS | <=10.2.1 | |
| Apple iOS, iPadOS, and watchOS | <=3.2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-7013?
CVE-2017-7013 has been rated as a high severity vulnerability due to its potential impact on sensitive data and system integrity.
How do I fix CVE-2017-7013?
To fix CVE-2017-7013, update your affected Apple products to their latest versions, such as iOS to 10.3.3, macOS to 10.12.6, and so on.
Which Apple products are affected by CVE-2017-7013?
CVE-2017-7013 affects iOS versions before 10.3.3, macOS versions before 10.12.6, and various versions of iCloud, iTunes, tvOS, and watchOS.
Is Microsoft Windows affected by CVE-2017-7013?
No, Microsoft Windows itself is not affected by CVE-2017-7013, but certain Apple applications running on Windows are impacted.
What are the consequences of CVE-2017-7013 if not patched?
If CVE-2017-7013 is not patched, it could allow attackers to exploit weaknesses in affected Apple software, potentially leading to unauthorized access or data breaches.
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/apple
- canonical/apple icloud for windows
- version/apple icloud for windows/6.2.1
- vendor/microsoft
- canonical/microsoft windows
- canonical/apple itunes for windows
- version/apple itunes for windows/12.6.1
- canonical/istyle @cosme iphone os
- version/istyle @cosme iphone os/10.3.2
- canonical/apple ios and macos
- version/apple ios and macos/10.12.5
- canonical/tvos
- version/tvos/10.2.1
- canonical/apple ios, ipados, and watchos
- version/apple ios, ipados, and watchos/3.2.2