APPLE-SA-2015-12-08-1

APPLE-SA-2015-12-08-2

APPLE-SA-2015-12-08-5

openSUSE-SU-2016:0761

78720

1034341

GLSA-201706-15

https://support.apple.com/HT205635

https://support.apple.com/HT205639

https://support.apple.com/HT205640

https://support.apple.com/kb/HT205636

The remote host is affected by the vulnerability described in GLSA-201706-15 (WebKitGTK+: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in WebKitGTK+. Please       review the CVE identifiers referenced below for details.
  Impact :

    A remote attack can use multiple vectors to execute arbitrary code or       cause a denial of service condition.
  Workaround :

    There is no known workaround at this time.

According to its banner, the version of the remote Apple TV device is prior to 9.1. It is, therefore, affected by multiple vulnerabilities in the following components :

  - AppleMobileFileIntegrity
  - Compression
  - CoreGraphics
  - CoreMedia Playback
  - Disk Images
  - dyld
  - ImageIO
  - IOAcceleratorFamily
  - IOHIDFamily
  - IOKit SCSI
  - Kernel
  - libarchive
  - libc
  - libxml2
  - MobileStorageMounter
  - OpenGL
  - Security
  - WebKit

Note that only 4th generation models are affected by the vulnerabilities.

The remote host is running a version of iOS that is prior to version 9.2 and the following components contain vulnerabilities :

 - AppleMobileFileIntegrity
 - AppSandbox
 - CFNetwork HTTPProtocol
 - Compression
 - CoreGraphics
 - CoreMedia Playback
 - dyld
 - GPUTools Framework
 - iBooks
 - ImageIO
 - IOHIDFamily
 - IOKit SCSI
 - Kernel
 - LaunchServices
 - libarchive
 - libc
 - libxml2
 - MobileStorageMounter
 - OpenGL
 - Photos
 - QuickLook
 - Safari
 - Sandbox
 - Security
 - Siri
 - WebKit

This update for webkit2gtk3 fixes the following issues :

  - Update to version 2.10.7 :

  + Fix the build with GTK+ < 3.16.

  - Changes from version 2.10.6 :

  + Fix a deadlock in the Web Process when JavaScript     garbage collector was running for a web worker thread     that made google maps to hang.

  + Fix media controls displaying without controls     attribute.

  + Fix a Web Process crash when quickly attempting many DnD     operations.

  - Changes from version 2.10.5 :

  + Disable DNS prefetch when a proxy is configured.

  + Reduce the maximum simultaneous network connections to     match other browsers.

  + Make WebKitWebView always propagate motion-notify-event     signal.

  + Add a way to force accelerating compositing mode at     runtime using an environment variable.

  + Fix input elements and scrollbars rendering with GTK+     3.19.

  + Fix rendering of lines when using solid colors.

  + Fix UI process crashes related to not having a main     resource response when the load is committed for pages     restored from the history cache.

  + Fix a WebProcess crash when loading large contents with     custom URI schemes API.

  + Fix a crash in the UI process when the WebView is     destroyed while the screensaver DBus proxy is being     created.

  + Fix WebProcess crashes due to BadDrawable X errors in     accelerated compositing mode.

  + Fix crashes on PPC64 due to mprotect() on address not     aligned to the page size.

  + Fix std::bad_function_call exception raised in     dispatchDecidePolicyForNavigationAction.

  + Fix downloads of data URLs.

  + Fix runtime critical warnings when closing a page     containing windowed plugins.

  + Fix several crashes and rendering issues.

  + Translation updates: French, German, Italian, Turkish.

  + Security fixes: CVE-2015-7096, CVE-2015-7098.

  - Update to version 2.10.4, notable changes :

  + New HTTP disk cache for the Network Process.

  + New Web Inspector UI.

  + Automatic ScreenServer inhibition when playing     fullscreen videos.

  + Initial Editor API.

  + Performance improvements.

  - This update addresses the following security issues:
    CVE-2015-1122, CVE-2015-1152, CVE-2015-1155,     CVE-2015-3660, CVE-2015-3730, CVE-2015-3738,     CVE-2015-3740, CVE-2015-3742, CVE-2015-3744,     CVE-2015-3746, CVE-2015-3750, CVE-2015-3751,     CVE-2015-3754, CVE-2015-3755, CVE-2015-5804,     CVE-2015-5805, CVE-2015-5807, CVE-2015-5810,     CVE-2015-5813, CVE-2015-5814, CVE-2015-5815,     CVE-2015-5817, CVE-2015-5818, CVE-2015-5825,     CVE-2015-5827, CVE-2015-5828, CVE-2015-5929,     CVE-2015-5930, CVE-2015-5931, CVE-2015-7002,     CVE-2015-7013, CVE-2015-7014, CVE-2015-7048,     CVE-2015-7095, CVE-2015-7097, CVE-2015-7099,     CVE-2015-7100, CVE-2015-7102, CVE-2015-7103,     CVE-2015-7104

  - Add BuildRequires: hyphen-devel to pick up hyphenation     support. Note this is broken upstream.

  - Build with -DENABLE_DATABASE_PROCESS=OFF and

    -DENABLE_INDEXED_DATABASE=OFF to avoid an issue with GCC     4.8.

The version of Safari installed on the remote host is prior to 9.0.1, and is affected by multiple vulnerabilities in WebKit that are triggered as user-supplied input is not properly validated. With a specially crafted web page, a context-dependent attacker can potentially execute arbitrary code or gain access to a user's browsing history.

The version of Apple iTunes running on the remote Windows host is prior to 12.3.2. It is, therefore, affected by multiple vulnerabilities in the WebKit component :

  - Multiple memory corruption issues exists that an     attacker can exploit to cause a denial of service or     execute arbitrary code. (CVE-2015-7048, CVE-2015-7095,     CVE-2015-7096, CVE-2015-7097, CVE-2015-7098,     CVE-2015-7099, CVE-2015-7100, CVE-2015-7101,     CVE-2015-7102, CVE-2015-7103, CVE-2015-7104)

  - A flaw exists in content blocking due to improper     validation of input. A remote attacker can exploit this,     via a malicious website, to reveal the user's browsing     history. (CVE-2015-7050)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Apple iTunes installed on the remote Windows host is prior to 12.3.2. It is, therefore, affected by multiple vulnerabilities in the WebKit component :

  - Multiple memory corruption issues exists that an     attacker can exploit to cause a denial of service or     execute arbitrary code. (CVE-2015-7048, CVE-2015-7095,     CVE-2015-7096, CVE-2015-7097, CVE-2015-7098,     CVE-2015-7099, CVE-2015-7100, CVE-2015-7101,     CVE-2015-7102, CVE-2015-7103, CVE-2015-7104)

  - A flaw exists in content blocking due to improper     validation of input. A remote attacker can exploit this,     via a malicious website, to reveal the user's browsing     history. (CVE-2015-7050)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Apple Safari installed on the remote host is prior to 9.0.2. It is, therefore, affected by multiple memory corruption issues in WebKit due to improper memory handling. An unauthenticated, remote attacker can exploit these, via a crafted website, to execute arbitrary code or possibly cause a denial of service.

The mobile device is running a version of iOS prior to version 9.2. It is, therefore, affected by multiple vulnerabilities in the following components :

  - AppleMobileFileIntegrity
  - AppSandbox
  - CFNetwork HTTPProtocol
  - Compression
  - CoreGraphics
  - CoreMedia Playback
  - dyld
  - GPUTools Framework
  - iBooks
  - ImageIO
  - IOHIDFamily
  - IOKit SCSI
  - Kernel
  - LaunchServices
  - libarchive
  - libc
  - libxml2
  - MobileStorageMounter
  - OpenGL
  - Photos
  - QuickLook
  - Safari
  - Sandbox
  - Security
  - Siri
  - WebKit

ID	Name	Product	Family	Severity
100675	GLSA-201706-15 : WebKitGTK+: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
94050	Apple TV < 9.1 Multiple Vulnerabilities	Nessus	Misc.	high
9329	Apple iOS < 9.2 Multiple Vulnerabilities	Nessus Network Monitor	Mobile Devices	high
89950	openSUSE Security Update : webkit2gtk3 (openSUSE-2016-340)	Nessus	SuSE Local Security Checks	medium
9029	Safari < 9.0.2 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
87372	Apple iTunes < 12.3.2 Multiple Vulnerabilities (uncredentialed check)	Nessus	Peer-To-Peer File Sharing	medium
87371	Apple iTunes < 12.3.2 Multiple Vulnerabilities (credentialed check)	Nessus	Windows	medium
87370	Mac OS X : Apple Safari < 9.0.2 Multiple RCE	Nessus	MacOS X Local Security Checks	medium
87310	Apple iOS < 9.2 Multiple Vulnerabilities	Nessus	Mobile Devices	critical

CVE-2015-7096

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Tenable Plugins