HTTP: Apple Safari CVE-2017-2447 Out Of Bounds

This signature detects an attempt to exploit an out-of-bounds read vulnerability in Apple Safari. Successful exploitation could allow an attacker to execute arbitrary code into the application's context.

Extended Description

An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted web site.

Affected Products

Apple tvos

References

CVE: CVE-2017-2447

Short Name
HTTP:STC:APPLE-SAFARI-OOB
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Apple Bounds CVE-2017-2447 Of Out Safari
Release Date
05/18/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Apple

CVSS Score

5.8

Found a potential security threat?