Уязвимость выполнения произвольного кода через обработку вредоносного веб-контента в iOS, iPadOS, watchOS, tvOS, macOS и Safari
Описание
Ошибка записи за пределами выделенной памяти решена улучшенной проверкой входных данных. Обработка вредоносного веб-контента может привести к выполнению произвольного кода.
Затронутые версии ПО
- iOS до версии 15.6
- iPadOS до версии 15.6
- watchOS до версии 8.7
- tvOS до версии 15.6
- macOS Monterey до версии 12.5
- Safari до версии 15.6
Тип уязвимости
- Запись данных вне допустимых границ (out-of-bounds write)
- Выполнение произвольного кода
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
8.8 High
CVSS3
Дефекты
Связанные уязвимости
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution.
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution.
An out-of-bounds write issue was addressed with improved input validat ...
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution.
EPSS
8.8 High
CVSS3