Severity Rating: HIGH
Software Affected
Apple Safari versions prior to 16.2
Apple iOS version prior to 15.1
Overview
Multiple
vulnerabilities have been reported in Apple Safari which could be
exploited by an attacker to execute arbitrary code, bypass implemented
security restrictions, disclosure of process memory, gain access to
potentially sensitive information and bypass Same Origin Policy on the
targeted system.
Description
These
vulnerabilities are due to boundary error, logic issue, use after free
issue excessive, type confusion error in WebKit while processing
maliciously crafted web content.
Successful
exploitation of these vulnerabilities could allow an attacker to execute
arbitrary code, bypass implemented security restrictions, disclosure of
process memory, gain access to potentially sensitive information and
bypass Same Origin Policy on the targeted system.
Solution
Apply appropriate upgrade as mentioned in advisory:
Vendor Information
Apple
References
Apple
CVE Name
CVE-2022-42852
CVE-2022-42856
CVE-2022-42863
CVE-2022-42867
CVE-2022-46691
CVE-2022-46692
CVE-2022-46696
CVE-2022-46698
CVE-2022-46699
CVE-2022-46700
About Cert Advisory
We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.