CVE-2017-2510

Priority
Medium
Description
An issue was discovered in certain Apple products. iOS before 10.3.2 is
affected. Safari before 10.1.1 is affected. The issue involves the "WebKit"
component. It allows remote attackers to conduct Universal XSS (UXSS)
attacks via a crafted web site that improperly interacts with pageshow
events.
References
Notes
 jdstrand> webkit receives limited support. For details, see
 https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit
 jdstrand> webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8
Package
Upstream:needs-triage
Ubuntu 17.10 (Artful Aardvark):needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 16.10 (Yakkety Yak):needs-triage
Ubuntu 17.04 (Zesty Zapus):needs-triage
Patches:
Package
Upstream:released (2.16.3)
Ubuntu 17.10 (Artful Aardvark):not-affected (2.16.3-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (2.16.3-0ubuntu0.16.04.1)
Ubuntu 16.10 (Yakkety Yak):released (2.16.3-0ubuntu0.16.10.1)
Ubuntu 17.04 (Zesty Zapus):released (2.16.3-0ubuntu0.17.04.1)
Package
Upstream:needs-triage
Ubuntu 17.10 (Artful Aardvark):needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 16.10 (Yakkety Yak):needs-triage
Ubuntu 17.04 (Zesty Zapus):needs-triage
Package
Upstream:needs-triage
Ubuntu 17.10 (Artful Aardvark):needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 16.10 (Yakkety Yak):needs-triage
Ubuntu 17.04 (Zesty Zapus):needs-triage
More Information

Updated: 2017-05-30 15:14:14 UTC (commit 12638)