Multiple vulnerabilities in Apple Safari



Published: 2022-09-12 | Updated: 2022-12-28
Risk High
Patch available YES
Number of vulnerabilities 6
CVE-ID CVE-2022-32886
CVE-2022-32912
CVE-2022-32891
CVE-2022-32868
CVE-2022-32892
CVE-2022-32833
CWE-ID CWE-119
CWE-125
CWE-451
CWE-200
CWE-254
CWE-312
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Apple Safari
Client/Desktop applications / Web browsers

Vendor Apple Inc.

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

1) Buffer overflow

EUVDB-ID: #VU67199

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-32886

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing web content in WebKit. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Apple Safari: 15.0 - 15.6.1

External links

http://support.apple.com/en-us/HT213442


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU67198

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-32912

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it using the affected software, trigger out-of-bounds read and execute arbitrary code on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Apple Safari: 15.0 - 15.6.1

External links

http://support.apple.com/en-us/HT213442


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Spoofing attack

EUVDB-ID: #VU67197

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-32891

CWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to incorrect processing of frames on the webpage within WebKit. A remote attacker can spoof page content.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Apple Safari: 15.0 - 15.6.1

External links

http://support.apple.com/en-us/HT213442


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Information disclosure

EUVDB-ID: #VU67200

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-32868

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data exposure. A remote attacker can track users through Safari web extensions.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Apple Safari: 15.0 - 15.6.1

External links

http://support.apple.com/en-us/HT213442


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Security features bypass

EUVDB-ID: #VU68681

Risk: Medium

CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-32892

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to improper access restrictions within WebKit Sandboxing. A remote attacker can trick the victim into visiting a specially crafted website and bypass implemented sandbox restrictions on the browser process.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Apple Safari: 15.0 - 15.6.1

External links

http://support.apple.com/en-us/HT213442


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Cleartext storage of sensitive information

EUVDB-ID: #VU70519

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-32833

CWE-ID: CWE-312 - Cleartext Storage of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists in the way website data are stored within the WebKit Storage. A local application can gain access to potentially sensitive information.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Apple Safari: before 16.0

External links

http://support.apple.com/en-us/HT213442


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###