CVE-2021-1844

Sažetak

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution.

Reference

https://support.apple.com/en-us/HT212222
https://support.apple.com/en-us/HT212223
https://support.apple.com/en-us/HT212220
https://support.apple.com/en-us/HT212221
https://support.apple.com/kb/HT212323
http://seclists.org/fulldisclosure/2021/Apr/55
https://www.debian.org/security/2021/dsa-4923
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3L6ZZOU5JS7E3RFYGLP7UFLXCG7TNLU/

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

07-11-2023 - 03:28

Objavljeno

02-04-2021 - 19:15