PT-2023-6800 · Apple+5 · Safari+12

Dong Jun Kim

Publicado

2023-05-03

Atualizado

2024-01-31

CVE-2023-35074

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions WebKitGTK versions prior to the fixed version WPE WebKit versions prior to the fixed version tvOS versions prior to 17 Safari versions prior to 17 watchOS versions prior to 10 iOS versions prior to 17 iPadOS versions prior to 17 macOS versions prior to Sonoma 14

Description The issue is related to a buffer overflow in memory, which may allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. Processing web content may lead to arbitrary code execution.

Recommendations For WebKitGTK, update to a version that includes improved memory handling. For WPE WebKit, update to a version that includes improved memory handling. For tvOS, update to version 17 or later. For Safari, update to version 17 or later. For watchOS, update to version 10 or later. For iOS, update to version 17 or later. For iPadOS, update to version 17 or later. For macOS, update to Sonoma 14 or later.

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

BDU:2023-07666

CESA-2023_4202

CVE-2023-35074

DSA-5396-1

DSA-5396-2

OPENSUSE-SU-2023_4294-1

RHSA-2023:4201

RHSA-2023:4202

RHSA-2023_4201

RHSA-2023_4202

RHSA-2025:10364

SUSE-SU-2023:4209-1

SUSE-SU-2023:4211-1

SUSE-SU-2023:4294-1

SUSE-SU-2023:4339-1

Produtos afetados

Astra Linux

Centos

Debian

Apple Macos

Red Hat

Safari

Suse

Wpe Webkit

Webkitgtk

Ios

Ipados

Tvos

Watchos

PT-2023-6800 · Apple+5 · Safari+12

CVE-2023-35074

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 61