CVE-2017-7106: Input Validation
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar.
Other sources
WebKit. An inconsistent user interface issue was addressed with improved state management.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2017-13829
- CVE-2017-13833
- CVE-2017-13831
- CVE-2017-9049
- CVE-2017-7376
- CVE-2017-5130
- CVE-2017-9050
- CVE-2018-4302
- CVE-2017-7127
- CVE-2017-7081
- CVE-2017-7087
- CVE-2017-7091
- CVE-2017-7092
- CVE-2017-7093
- CVE-2017-7094
- CVE-2017-7095
- CVE-2017-7096
- CVE-2017-7098
- CVE-2017-7099
- CVE-2017-7100
- CVE-2017-7102
- CVE-2017-7104
- CVE-2017-7107
- CVE-2017-7111
- CVE-2017-7117
- CVE-2017-7120
- CVE-2017-7089
- CVE-2017-7090
- CVE-2017-7106
- CVE-2017-7109
- CVE-2017-13832
- CVE-2017-13863
- CVE-2017-7131
- CVE-2017-7083
- CVE-2017-13821
- CVE-2017-0381
- CVE-2017-13825
- CVE-2017-7088
- CVE-2017-13815
- CVE-2017-13828
- CVE-2017-11103
- CVE-2017-13830
- CVE-2017-7072
- CVE-2017-13814
- CVE-2017-7114
- CVE-2017-13817
- CVE-2017-13818
- CVE-2017-13836
- CVE-2017-13841
- CVE-2017-13840
- CVE-2017-13842
- CVE-2017-13843
- CVE-2017-13854
- CVE-2017-13834
- CVE-2017-13873
- CVE-2017-7140
- CVE-2017-13813
- CVE-2017-13816
- CVE-2017-13812
- CVE-2017-7086
- CVE-2017-1000373
- CVE-2016-9063
- CVE-2017-9233
- CVE-2017-7148
- CVE-2017-7078
- CVE-2017-7097
- CVE-2017-7118
- CVE-2017-7133
- CVE-2017-7075
- CVE-2017-7139
- CVE-2017-13806
- CVE-2017-13822
- CVE-2017-7132
- CVE-2017-7085
- CVE-2017-13877
- CVE-2017-7080
- CVE-2017-7146
- CVE-2017-10989
- CVE-2017-7128
- CVE-2017-7129
- CVE-2017-7130
- CVE-2017-6211
- CVE-2017-7145
- CVE-2017-7144
- CVE-2017-7142
- CVE-2017-11120
- CVE-2017-11121
- CVE-2017-7103
- CVE-2017-7105
- CVE-2017-7108
- CVE-2017-7110
- CVE-2017-7112
- CVE-2017-7115
- CVE-2017-7116
- CVE-2017-11122
- CVE-2016-9840
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9843
Frequently Asked Questions
What is CVE-2017-7106?
CVE-2017-7106 is a vulnerability in certain Apple products that allows remote attackers to spoof the address bar.
Which Apple products are affected by CVE-2017-7106?
iOS before 11, Safari before 11, and iCloud before 7.0 on Windows are affected by CVE-2017-7106.
How severe is CVE-2017-7106?
CVE-2017-7106 has a severity rating of 6.5 (medium).
How can I fix CVE-2017-7106?
To fix CVE-2017-7106, make sure you have the latest version of iOS, Safari, or iCloud installed.
Where can I find more information about CVE-2017-7106?
You can find more information about CVE-2017-7106 on the Apple support page, SecurityFocus, and SecurityTracker.