CVE-2024-40779

Sažetak

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.

Reference

http://seclists.org/fulldisclosure/2024/Jul/15
http://seclists.org/fulldisclosure/2024/Jul/16
http://seclists.org/fulldisclosure/2024/Jul/17
http://seclists.org/fulldisclosure/2024/Jul/18
http://seclists.org/fulldisclosure/2024/Jul/21
http://seclists.org/fulldisclosure/2024/Jul/22
http://seclists.org/fulldisclosure/2024/Jul/23
https://support.apple.com/en-us/HT214116
https://support.apple.com/en-us/HT214117
https://support.apple.com/en-us/HT214119
https://support.apple.com/en-us/HT214121
https://support.apple.com/en-us/HT214122
https://support.apple.com/en-us/HT214123
https://support.apple.com/en-us/HT214124
https://www.secpod.com/blog/apple-fixes-multiple-security-vulnerabilities-in-july-2024-updates/
http://seclists.org/fulldisclosure/2024/Jul/15
http://seclists.org/fulldisclosure/2024/Jul/16
http://seclists.org/fulldisclosure/2024/Jul/17
http://seclists.org/fulldisclosure/2024/Jul/18
http://seclists.org/fulldisclosure/2024/Jul/21
http://seclists.org/fulldisclosure/2024/Jul/22
http://seclists.org/fulldisclosure/2024/Jul/23
https://support.apple.com/en-us/HT214116
https://support.apple.com/en-us/HT214117
https://support.apple.com/en-us/HT214119
https://support.apple.com/en-us/HT214121
https://support.apple.com/en-us/HT214122
https://support.apple.com/en-us/HT214123
https://support.apple.com/en-us/HT214124

CVSS

Base:	5.5
Impact:	3.6
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Zadnje važnije ažuriranje

13-03-2025 - 17:15

Objavljeno

29-07-2024 - 23:15