Apple3 [0-Day] CVE-2022-42823 - Apple Safari JavaScriptCore Inspector Type Confusion Vulnerability Title Apple Safari JavaScriptCore Inspector Type confusion Vulnerability Summary A Type confusion vulnerability exists in the Apple Safari JSC Inspector This issue causes Memory Corruption due to Type confusion. An attacker must open a arbitrary generated HTML file to exploit this vulnerability. Test environment macOS M1 Monterey 12.5(21G72) Apple Safari 15.6(17613.3.9.1.5) Root Cause Analysis I.. 2022. 11. 11. [0-Day] CVE-2022-32787 - Apple Safari ICU Out-Of-Bounds Write Vulnerability Original Write up : SSD Advisory – Apple Safari ICU Out-Of-Bounds Write TL;DR An Out-Of-Bounds Write vulnerability exists in Apple Safari ICU components libicucore.A.dylib [icu::FormattedStringBuilder::insert]. This library is called when Safari handles the Intl.ListFormat().format function. Vulnerability Summary A vulnerability in Apple Safari ICU components allows an attacker to trigger an OOB.. 2022. 8. 10. [0-Day] CVE-2022-32816 - Apple Safari IDN URL Spoofing Vulnerability Original Write up : SSD Advisory – Apple Safari IDN URL Spoofing TL;DR Bad handling by Apple Safari allows attackers to use certain look-alike characters instead of the real ones to confuse victims into thinking they are reach a certain site, while they are accessing another one. Vulnerability Summary A vulnerability in Apple Safari IDN handling allows attackers to perform a URL Spoofing as Safa.. 2022. 8. 7. 이전 1 다음
