ID

VAR-202212-1489


CVE

CVE-2022-46696


TITLE

Out-of-bounds write vulnerability in multiple Apple products

Trust: 0.8

sources: JVNDB: JVNDB-2022-023509

DESCRIPTION

A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. Safari , iPadOS , iOS Multiple Apple products have an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-12-13-9 Safari 16.2 Safari 16.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213537. WebKit Bugzilla: 245466 CVE-2022-46691: an anonymous researcher WebKit Available for: macOS Big Sur and macOS Monterey Impact: Processing maliciously crafted web content may bypass Same Origin Policy Description: A logic issue was addressed with improved state management. WebKit Bugzilla: 246783 CVE-2022-46692: KirtiKumar Anandrao Ramchandani WebKit Available for: macOS Big Sur and macOS Monterey Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: The issue was addressed with improved memory handling. CVE-2022-42852: hazbinhotel working with Trend Micro Zero Day Initiative WebKit Available for: macOS Big Sur and macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. WebKit Bugzilla: 246942 CVE-2022-46696: Samuel Groß of Google V8 Security WebKit Bugzilla: 247562 CVE-2022-46700: Samuel Groß of Google V8 Security WebKit Available for: macOS Big Sur and macOS Monterey Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A logic issue was addressed with improved checks. CVE-2022-46698: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ. WebKit Bugzilla: 247420 CVE-2022-46699: Samuel Groß of Google V8 Security WebKit Bugzilla: 244622 CVE-2022-42863: an anonymous researcher WebKit Available for: macOS Big Sur and macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1. WebKit Bugzilla: 248266 CVE-2022-42856: Clément Lecigne of Google's Threat Analysis Group Additional recognition WebKit We would like to acknowledge an anonymous researcher, scarlet for their assistance. Safari 16.2 may be obtained from the Mac App Store. All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmOZFX0ACgkQ4RjMIDke NxniRQ/+LTObFcBEWogS56q3+7wjz2BgzBZYn4gwNGfvXf0zZfmXnTE0WXUolVa1 8/glHt7Tu5/KKfy6JDqmQvrF6fo2YpBgH0wrux/j4VPVCeaaOa2gXRAw0CBa4e4E OabGVEXEsgJjyE4MSMKh8Hn1VD4ANTPPKn5jWmDsCsSS2zEo94gD7Mkqh81CeFoV Yhmbv87nZAdEz2nHUkoM6PmN8SPAY5VtRp6i1rbkpcmMfs3VyA/ehnkfBGQK2xH7 vHpx2yyoXlqwR0zc7uHEge13e8kZ1Zh8UdIecgJuoyOvvmRR5DcchMFUYpUq8JcZ JOqN2lsRBu52WvoEGCkD80/PWamhD+CJWeMvgbvEZSOiNKKOSY1qO0w0NsGMPXCh 6xdcjfeTpslNn4zNUfaAwnUGIyxbIsNNHIgw3VX5GnFihpEsknBqbjxTLCBrDdFE T5xuHPBj7vXEW3V2ZXVt2MctWCr0GQdHt66C2m3gAEhL9xoN6YMEXLI0RVgUHmaf hOY/EZMIGm1cL33OvMKuvWCJuGW81+2+LJSwoscguhrj7Jb2qTOL2w06VDyNftuY F876pPWZgEj1O7DAtL9OP8IdrpSmQnAkvVUIZA6Sx3MaxTdl4f6lG4NlcsMGz+se PxxMCYWi8f/sPNxSdfoYardNkQcPsKm13UFu+Q9nSuV0A+x0qgA= =F0qN -----END PGP SIGNATURE-----

Trust: 1.89

sources: NVD: CVE-2022-46696 // JVNDB: JVNDB-2022-023509 // VULHUB: VHN-447270 // VULMON: CVE-2022-46696 // PACKETSTORM: 170319

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:ltversion:16.2

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:16.2

Trust: 1.0

vendor:applemodel:safariscope:ltversion:16.2

Trust: 1.0

vendor:applemodel:macosscope:ltversion:13.1

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:16.2

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:9.2

Trust: 1.0

vendor:アップルmodel:tvosscope: - version: -

Trust: 0.8

vendor:アップルmodel:ipadosscope: - version: -

Trust: 0.8

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:アップルmodel:watchosscope:eqversion:9.2

Trust: 0.8

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

vendor:アップルmodel:safariscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-023509 // NVD: CVE-2022-46696

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-46696
value: HIGH

Trust: 1.0

NVD: CVE-2022-46696
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202212-3025
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-46696
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-46696
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-023509 // CNNVD: CNNVD-202212-3025 // NVD: CVE-2022-46696

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-447270 // JVNDB: JVNDB-2022-023509 // NVD: CVE-2022-46696

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202212-3025

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202212-3025

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-447270

PATCH

title:HT213536 Apple  Security updateurl:https://support.apple.com/en-us/HT213530

Trust: 0.8

sources: JVNDB: JVNDB-2022-023509

EXTERNAL IDS

db:NVDid:CVE-2022-46696

Trust: 3.5

db:PACKETSTORMid:170319

Trust: 0.8

db:JVNDBid:JVNDB-2022-023509

Trust: 0.8

db:CNNVDid:CNNVD-202212-3025

Trust: 0.6

db:VULHUBid:VHN-447270

Trust: 0.1

db:VULMONid:CVE-2022-46696

Trust: 0.1

sources: VULHUB: VHN-447270 // VULMON: CVE-2022-46696 // JVNDB: JVNDB-2022-023509 // PACKETSTORM: 170319 // CNNVD: CNNVD-202212-3025 // NVD: CVE-2022-46696

REFERENCES

url:http://seclists.org/fulldisclosure/2022/dec/20

Trust: 2.5

url:http://seclists.org/fulldisclosure/2022/dec/23

Trust: 2.5

url:http://seclists.org/fulldisclosure/2022/dec/26

Trust: 2.5

url:http://seclists.org/fulldisclosure/2022/dec/27

Trust: 2.5

url:http://seclists.org/fulldisclosure/2022/dec/28

Trust: 2.5

url:https://support.apple.com/en-us/ht213536

Trust: 2.4

url:https://support.apple.com/en-us/ht213530

Trust: 1.8

url:https://support.apple.com/en-us/ht213532

Trust: 1.8

url:https://support.apple.com/en-us/ht213535

Trust: 1.8

url:https://support.apple.com/en-us/ht213537

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-46696

Trust: 0.9

url:https://cxsecurity.com/cveshow/cve-2022-46696/

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-ios-macos-multiple-vulnerabilities-of-december-2022-40105

Trust: 0.6

url:https://packetstormsecurity.com/files/170319/apple-security-advisory-2022-12-13-9.html

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42867

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-46691

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-46692

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-46700

Trust: 0.1

url:https://support.apple.com/en-us/ht201222.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42863

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42856

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42852

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-46699

Trust: 0.1

url:https://support.apple.com/ht213537.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-46698

Trust: 0.1

sources: VULHUB: VHN-447270 // VULMON: CVE-2022-46696 // JVNDB: JVNDB-2022-023509 // PACKETSTORM: 170319 // CNNVD: CNNVD-202212-3025 // NVD: CVE-2022-46696

CREDITS

Apple

Trust: 0.1

sources: PACKETSTORM: 170319

SOURCES

db:VULHUBid:VHN-447270
db:VULMONid:CVE-2022-46696
db:JVNDBid:JVNDB-2022-023509
db:PACKETSTORMid:170319
db:CNNVDid:CNNVD-202212-3025
db:NVDid:CVE-2022-46696

LAST UPDATE DATE

2024-08-14T13:17:31.098000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-447270date:2023-01-09T00:00:00
db:VULMONid:CVE-2022-46696date:2022-12-15T00:00:00
db:JVNDBid:JVNDB-2022-023509date:2023-11-29T03:02:00
db:CNNVDid:CNNVD-202212-3025date:2022-12-30T00:00:00
db:NVDid:CVE-2022-46696date:2023-01-09T16:50:31.910

SOURCES RELEASE DATE

db:VULHUBid:VHN-447270date:2022-12-15T00:00:00
db:VULMONid:CVE-2022-46696date:2022-12-15T00:00:00
db:JVNDBid:JVNDB-2022-023509date:2023-11-29T00:00:00
db:PACKETSTORMid:170319date:2022-12-22T02:13:43
db:CNNVDid:CNNVD-202212-3025date:2022-12-13T00:00:00
db:NVDid:CVE-2022-46696date:2022-12-15T19:15:26.467