PT-2022-18050 · Apple · Safari+1

Jeonghoon Shin

Published

2022-05-16

Updated

2022-06-07

CVE-2022-26748

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Apple Safari versions prior to macOS Monterey 12.4 Apple Safari versions prior to macOS Big Sur 11.6.6 Apple Safari versions prior to Security Update 2022-004 Catalina

Description An out-of-bounds write issue was addressed with improved input validation. Processing maliciously crafted web content may lead to arbitrary code execution.

Recommendations For Apple Safari versions prior to macOS Monterey 12.4, update to macOS Monterey 12.4 or later. For Apple Safari versions prior to macOS Big Sur 11.6.6, update to macOS Big Sur 11.6.6 or later. For Apple Safari versions prior to Security Update 2022-004 Catalina, apply Security Update 2022-004 Catalina.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2022-26748

ZDI-22-793

Affected Products

Apple Macos

Safari

PT-2022-18050 · Apple · Safari+1

CVE-2022-26748

Weakness Enumeration

Related Identifiers

Affected Products

References · 10