Scribd
Upload
14 views

Multiple Vulnerabilities in Apple macOS

Multiple vulnerabilities were reported in older versions of Apple macOS, including Ventura 13.4.1 or earlier, Monterey 12.6.7 or earlier, and Big Sur 11.7.8 or earlier. The vulnerabilities include an integer overflow in the Kernel and type confusion issue in WebKit that could allow remote code execution if a victim visits a malicious webpage. Users are advised to update to the latest macOS version to protect against these security issues rated as highly severe.

Uploaded by

wesot52378
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
14 views

Multiple Vulnerabilities in Apple macOS

Multiple vulnerabilities were reported in older versions of Apple macOS, including Ventura 13.4.1 or earlier, Monterey 12.6.7 or earlier, and Big Sur 11.7.8 or earlier. The vulnerabilities include an integer overflow in the Kernel and type confusion issue in WebKit that could allow remote code execution if a victim visits a malicious webpage. Users are advised to update to the latest macOS version to protect against these security issues rated as highly severe.

Uploaded by

wesot52378
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

it@gelarogracestudio.

com

From: [email protected]
Sent: 26 June 2023 19:02
To: advisory
Subject: [CIVN-2023-0177] Multiple Vulnerabilities in Apple macOS

-----BEGIN PGP SIGNED MESSAGE-----


Hash: SHA256

Multiple Vulnerabilities in Apple macOS


Indian - Computer Emergency Response Team (cert-in.org.in)

Severity Rating: HIGH

Software Affected

Apple macOS Ventura versions prior to 13.4.1


Apple macOS Monterey versions prior to 12.6.7
Apple macOS Big Sur versions prior to 11.7.8
Overview

Multiple vulnerabilities have been reported in Apple macOS that could allow a remote attacker to
execute arbitrary code on a targeted system.

Description

These vulnerabilities exist in Apple macOS due to an integer overflow in Kernel and type confusion
issue in WebKit component. A remote attacker could exploit this vulnerability by persuading a victim
to visit a maliciously crafted webpage.

Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code on
the targeted system.

Solution

Update vulnerable macOS software to latest versions.


Vendor Information

Apple
https://support.apple.com/en-us/HT213813
https://support.apple.com/en-us/HT213810
https://support.apple.com/en-us/HT213809

References

Apple
https://support.apple.com/en-us/HT213813
https://support.apple.com/en-us/HT213810
1
https://support.apple.com/en-us/HT213809

CVE Name
CVE-2023-32434
CVE-2023-32439

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmSZlckACgkQ3jCgcSdc
ys9q5g/+LXNl/6YrN0MqfhijNRYnmKbRi9btxRI/bBHJ6MOYtIAmbfn7vA6RvHlA
Lh0+uS2a8GW66lmJ8vpRPESLnEZRCN2PKpAAQTZTJRYUEnmIjWdysfOgK9uu6VOQ
DftKTm2vmfRXVVwldlqvCxt0dOOPJWXB8iNfjEME+bDbRzGT2rqdnTiHAbkvIRxT
zZdp132q2mVIZVW/QVwBhmUfG6iBcyqIfws6jtP38qkuiZTUEREoiGi2mwRO8E7o
qChRaNMPcVkO+gBE/CgdMQs1+spBLtTUGeHImS6z6yopAWsFh+AkwewRR9JnxmRU
8WNXpnynUCHvkBMxnyYhKyn3hOEEZC00GqdPAmT2+z3YT+MH3Pyv+W8Nq0Yna6xf
4npuzrZP9C/Ol1WOH3cZsgpflIS57k3yA6gBsZ+Kz0GSVMiTBvc5a3J6ulha5wKk
N/MKk00N37sXRsP+NnJ3oUs8m3h97s5BYqN+ohu6R7wkHPfHch0F2c2ELIbmaEE7
kGTSbY0A/7qvO35zcrwLy5UA/vEylZKXHbLeWog6fPk5YVtQC7BjD6NUaSK1guzm
YNTF9v/+VtlWbVBf06AOQNlnYyhnWhhyyGb4p/Je/G9UfIRJnlMS3x+D/R1eHKWK
dz+WLtwVyWQcIoiRaHg+t/9h3LYfIVLfMl0RvR6RQElwGwCZ2Ek=
=VXr6
-----END PGP SIGNATURE-----

You might also like