CVE-2024-27833

Sažetak

An integer overflow was addressed with improved input validation. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, tvOS 17.5, visionOS 1.2. Processing maliciously crafted web content may lead to arbitrary code execution.

Reference

https://support.apple.com/en-us/120896
https://support.apple.com/en-us/120898
https://support.apple.com/en-us/120901
https://support.apple.com/en-us/120905
https://support.apple.com/en-us/120906
http://seclists.org/fulldisclosure/2024/Jun/5
https://support.apple.com/en-us/HT214100
https://support.apple.com/en-us/HT214101
https://support.apple.com/en-us/HT214102
https://support.apple.com/en-us/HT214103
https://support.apple.com/en-us/HT214108
https://support.apple.com/kb/HT214100
https://support.apple.com/kb/HT214102
https://support.apple.com/kb/HT214103
https://support.apple.com/kb/HT214108

CVSS

Base:	8.8
Impact:	5.9
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

02-04-2026 - 19:17

Objavljeno

10-06-2024 - 21:15