Details of VAR-202212-1489

ID

VAR-202212-1489

CVE

CVE-2022-46696

TITLE

Out-of-bounds write vulnerability in multiple Apple products

Trust: 0.8

sources: JVNDB: JVNDB-2022-023509

DESCRIPTION

A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. Safari , iPadOS , iOS Multiple Apple products have an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-12-13-9 Safari 16.2 Safari 16.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213537. WebKit Bugzilla: 245466 CVE-2022-46691: an anonymous researcher WebKit Available for: macOS Big Sur and macOS Monterey Impact: Processing maliciously crafted web content may bypass Same Origin Policy Description: A logic issue was addressed with improved state management. WebKit Bugzilla: 246783 CVE-2022-46692: KirtiKumar Anandrao Ramchandani WebKit Available for: macOS Big Sur and macOS Monterey Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: The issue was addressed with improved memory handling. CVE-2022-42852: hazbinhotel working with Trend Micro Zero Day Initiative WebKit Available for: macOS Big Sur and macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. WebKit Bugzilla: 246942 CVE-2022-46696: Samuel Groß of Google V8 Security WebKit Bugzilla: 247562 CVE-2022-46700: Samuel Groß of Google V8 Security WebKit Available for: macOS Big Sur and macOS Monterey Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A logic issue was addressed with improved checks. CVE-2022-46698: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ. WebKit Bugzilla: 247420 CVE-2022-46699: Samuel Groß of Google V8 Security WebKit Bugzilla: 244622 CVE-2022-42863: an anonymous researcher WebKit Available for: macOS Big Sur and macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1. WebKit Bugzilla: 248266 CVE-2022-42856: Clément Lecigne of Google's Threat Analysis Group Additional recognition WebKit We would like to acknowledge an anonymous researcher, scarlet for their assistance. Safari 16.2 may be obtained from the Mac App Store. All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmOZFX0ACgkQ4RjMIDke NxniRQ/+LTObFcBEWogS56q3+7wjz2BgzBZYn4gwNGfvXf0zZfmXnTE0WXUolVa1 8/glHt7Tu5/KKfy6JDqmQvrF6fo2YpBgH0wrux/j4VPVCeaaOa2gXRAw0CBa4e4E OabGVEXEsgJjyE4MSMKh8Hn1VD4ANTPPKn5jWmDsCsSS2zEo94gD7Mkqh81CeFoV Yhmbv87nZAdEz2nHUkoM6PmN8SPAY5VtRp6i1rbkpcmMfs3VyA/ehnkfBGQK2xH7 vHpx2yyoXlqwR0zc7uHEge13e8kZ1Zh8UdIecgJuoyOvvmRR5DcchMFUYpUq8JcZ JOqN2lsRBu52WvoEGCkD80/PWamhD+CJWeMvgbvEZSOiNKKOSY1qO0w0NsGMPXCh 6xdcjfeTpslNn4zNUfaAwnUGIyxbIsNNHIgw3VX5GnFihpEsknBqbjxTLCBrDdFE T5xuHPBj7vXEW3V2ZXVt2MctWCr0GQdHt66C2m3gAEhL9xoN6YMEXLI0RVgUHmaf hOY/EZMIGm1cL33OvMKuvWCJuGW81+2+LJSwoscguhrj7Jb2qTOL2w06VDyNftuY F876pPWZgEj1O7DAtL9OP8IdrpSmQnAkvVUIZA6Sx3MaxTdl4f6lG4NlcsMGz+se PxxMCYWi8f/sPNxSdfoYardNkQcPsKm13UFu+Q9nSuV0A+x0qgA= =F0qN -----END PGP SIGNATURE-----

Trust: 1.89

sources: NVD: CVE-2022-46696 // JVNDB: JVNDB-2022-023509 // VULHUB: VHN-447270 // VULMON: CVE-2022-46696 // PACKETSTORM: 170319

AFFECTED PRODUCTS

vendor:	apple	model:	iphone os	scope:	lt	version:	16.2	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lt	version:	16.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	lt	version:	16.2	Trust: 1.0
vendor:	apple	model:	macos	scope:	lt	version:	13.1	Trust: 1.0
vendor:	apple	model:	ipados	scope:	lt	version:	16.2	Trust: 1.0
vendor:	apple	model:	watchos	scope:	lt	version:	9.2	Trust: 1.0
vendor:	アップル	model:	tvos	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	ipados	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	ios	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	watchos	scope:	eq	version:	9.2	Trust: 0.8
vendor:	アップル	model:	macos	scope:	-	version:	-	Trust: 0.8
vendor:	アップル	model:	safari	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-023509 // NVD: CVE-2022-46696

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-46696
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-46696
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202212-3025
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-46696
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2022-46696
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-023509 // CNNVD: CNNVD-202212-3025 // NVD: CVE-2022-46696

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.1
problemtype:	Out-of-bounds writing (CWE-787) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-447270 // JVNDB: JVNDB-2022-023509 // NVD: CVE-2022-46696

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202212-3025

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202212-3025

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-447270

PATCH

title:

HT213536 Apple Security update

url:

https://support.apple.com/en-us/HT213530

Trust: 0.8

sources: JVNDB: JVNDB-2022-023509

EXTERNAL IDS

db:	NVD	id:	CVE-2022-46696	Trust: 3.5
db:	PACKETSTORM	id:	170319	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-023509	Trust: 0.8
db:	CNNVD	id:	CNNVD-202212-3025	Trust: 0.6
db:	VULHUB	id:	VHN-447270	Trust: 0.1
db:	VULMON	id:	CVE-2022-46696	Trust: 0.1

sources: VULHUB: VHN-447270 // VULMON: CVE-2022-46696 // JVNDB: JVNDB-2022-023509 // PACKETSTORM: 170319 // CNNVD: CNNVD-202212-3025 // NVD: CVE-2022-46696

REFERENCES

url:	http://seclists.org/fulldisclosure/2022/dec/20	Trust: 2.5
url:	http://seclists.org/fulldisclosure/2022/dec/23	Trust: 2.5
url:	http://seclists.org/fulldisclosure/2022/dec/26	Trust: 2.5
url:	http://seclists.org/fulldisclosure/2022/dec/27	Trust: 2.5
url:	http://seclists.org/fulldisclosure/2022/dec/28	Trust: 2.5
url:	https://support.apple.com/en-us/ht213536	Trust: 2.4
url:	https://support.apple.com/en-us/ht213530	Trust: 1.8
url:	https://support.apple.com/en-us/ht213532	Trust: 1.8
url:	https://support.apple.com/en-us/ht213535	Trust: 1.8
url:	https://support.apple.com/en-us/ht213537	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-46696	Trust: 0.9
url:	https://cxsecurity.com/cveshow/cve-2022-46696/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/apple-ios-macos-multiple-vulnerabilities-of-december-2022-40105	Trust: 0.6
url:	https://packetstormsecurity.com/files/170319/apple-security-advisory-2022-12-13-9.html	Trust: 0.6
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-42867	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-46691	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-46692	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-46700	Trust: 0.1
url:	https://support.apple.com/en-us/ht201222.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-42863	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-42856	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-42852	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-46699	Trust: 0.1
url:	https://support.apple.com/ht213537.	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2022-46698	Trust: 0.1

sources: VULHUB: VHN-447270 // VULMON: CVE-2022-46696 // JVNDB: JVNDB-2022-023509 // PACKETSTORM: 170319 // CNNVD: CNNVD-202212-3025 // NVD: CVE-2022-46696

CREDITS

Apple

Trust: 0.1

sources: PACKETSTORM: 170319

SOURCES

db:	VULHUB	id:	VHN-447270
db:	VULMON	id:	CVE-2022-46696
db:	JVNDB	id:	JVNDB-2022-023509
db:	PACKETSTORM	id:	170319
db:	CNNVD	id:	CNNVD-202212-3025
db:	NVD	id:	CVE-2022-46696

LAST UPDATE DATE

2024-08-14T13:17:31.098000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-447270	date:	2023-01-09T00:00:00
db:	VULMON	id:	CVE-2022-46696	date:	2022-12-15T00:00:00
db:	JVNDB	id:	JVNDB-2022-023509	date:	2023-11-29T03:02:00
db:	CNNVD	id:	CNNVD-202212-3025	date:	2022-12-30T00:00:00
db:	NVD	id:	CVE-2022-46696	date:	2023-01-09T16:50:31.910

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-447270	date:	2022-12-15T00:00:00
db:	VULMON	id:	CVE-2022-46696	date:	2022-12-15T00:00:00
db:	JVNDB	id:	JVNDB-2022-023509	date:	2023-11-29T00:00:00
db:	PACKETSTORM	id:	170319	date:	2022-12-22T02:13:43
db:	CNNVD	id:	CNNVD-202212-3025	date:	2022-12-13T00:00:00
db:	NVD	id:	CVE-2022-46696	date:	2022-12-15T19:15:26.467