Sign-up

ID

VAR-202302-2074


CVE

CVE-2022-42833


TITLE

apple's  macOS  Out-of-bounds read vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-020304

DESCRIPTION

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. apple's macOS Exists in an out-of-bounds read vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-42833 // JVNDB: JVNDB-2022-020304 // VULHUB: VHN-439620 // VULMON: CVE-2022-42833

AFFECTED PRODUCTS

vendor:applemodel:macosscope:ltversion:13.0

Trust: 1.0

vendor:アップルmodel:macosscope:eqversion:13.0

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-020304 // NVD: CVE-2022-42833

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-42833
value: HIGH

Trust: 1.0

NVD: CVE-2022-42833
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202302-2184
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-42833
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-42833
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-020304 // CNNVD: CNNVD-202302-2184 // NVD: CVE-2022-42833

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.1

problemtype:Out-of-bounds read (CWE-125) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-439620 // JVNDB: JVNDB-2022-020304 // NVD: CVE-2022-42833

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202302-2184

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202302-2184

PATCH

title:HT213488 Apple  Security updateurl:https://support.apple.com/en-us/HT213488

Trust: 0.8

title:Apple macOS Buffer error vulnerability fixurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=228171

Trust: 0.6

sources: JVNDB: JVNDB-2022-020304 // CNNVD: CNNVD-202302-2184

EXTERNAL IDS

db:NVDid:CVE-2022-42833

Trust: 3.4

db:JVNDBid:JVNDB-2022-020304

Trust: 0.8

db:CNNVDid:CNNVD-202302-2184

Trust: 0.6

db:VULHUBid:VHN-439620

Trust: 0.1

db:VULMONid:CVE-2022-42833

Trust: 0.1

sources: VULHUB: VHN-439620 // VULMON: CVE-2022-42833 // JVNDB: JVNDB-2022-020304 // CNNVD: CNNVD-202302-2184 // NVD: CVE-2022-42833

REFERENCES

url:https://support.apple.com/en-us/ht213488

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-42833

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-42833/

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-439620 // VULMON: CVE-2022-42833 // JVNDB: JVNDB-2022-020304 // CNNVD: CNNVD-202302-2184 // NVD: CVE-2022-42833

SOURCES

db:VULHUBid:VHN-439620
db:VULMONid:CVE-2022-42833
db:JVNDBid:JVNDB-2022-020304
db:CNNVDid:CNNVD-202302-2184
db:NVDid:CVE-2022-42833

LAST UPDATE DATE

2024-08-14T15:37:07.784000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-439620date:2023-03-08T00:00:00
db:VULMONid:CVE-2022-42833date:2023-02-27T00:00:00
db:JVNDBid:JVNDB-2022-020304date:2023-11-01T07:02:00
db:CNNVDid:CNNVD-202302-2184date:2023-03-09T00:00:00
db:NVDid:CVE-2022-42833date:2023-03-08T16:09:29.260

SOURCES RELEASE DATE

db:VULHUBid:VHN-439620date:2023-02-27T00:00:00
db:VULMONid:CVE-2022-42833date:2023-02-27T00:00:00
db:JVNDBid:JVNDB-2022-020304date:2023-11-01T00:00:00
db:CNNVDid:CNNVD-202302-2184date:2023-02-27T00:00:00
db:NVDid:CVE-2022-42833date:2023-02-27T20:15:12.607