exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Apple Security Advisory 2023-05-18-8

Apple Security Advisory 2023-05-18-8
Posted May 30, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-05-18-8 - Safari 16.5 addresses buffer overflow, code execution, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2023-28204, CVE-2023-32373, CVE-2023-32402, CVE-2023-32409, CVE-2023-32423
SHA-256 | 760d4b141490199d056c3e2fd5a33bfe2577cd0555f9509afc40faff26728f2e

Apple Security Advisory 2023-05-18-8

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2023-05-18-8 Safari 16.5

Safari 16.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213762.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

WebKit
Available for: macOS Big Sur and macOS Monterey
Impact: Processing web content may disclose sensitive information
Description: An out-of-bounds read was addressed with improved input
validation.
WebKit Bugzilla: 255075
CVE-2023-32402: an anonymous researcher

WebKit
Available for: macOS Big Sur and macOS Monterey
Impact: Processing web content may disclose sensitive information
Description: A buffer overflow issue was addressed with improved memory
handling.
WebKit Bugzilla: 254781
CVE-2023-32423: Ignacio Sanmillan (@ulexec)

WebKit
Available for: macOS Big Sur and macOS Monterey
Impact: A remote attacker may be able to break out of Web Content
sandbox. Apple is aware of a report that this issue may have been
actively exploited.
Description: The issue was addressed with improved bounds checks.
WebKit Bugzilla: 255350
CVE-2023-32409: Clément Lecigne of Google's Threat Analysis Group and
Donncha Ó Cearbhaill of Amnesty International’s Security Lab

WebKit
Available for: macOS Big Sur and macOS Monterey
Impact: Processing web content may disclose sensitive information. Apple
is aware of a report that this issue may have been actively exploited.
Description: An out-of-bounds read was addressed with improved input
validation.
WebKit Bugzilla: 254930
CVE-2023-28204: an anonymous researcher

WebKit
Available for: macOS Big Sur and macOS Monterey
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution. Apple is aware of a report that this issue may have been
actively exploited.
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 254840
CVE-2023-32373: an anonymous researcher

Safari 16.5 may be obtained from the Mac App Store.
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmRmqNMACgkQ4RjMIDke
NxkxXRAAgXiL8dPy/qyErjf8JF5I4iJyJW9zQRmnuH5yMvWq1DJhIFnlfBZ0Mo7U
mqp25eCjjev2MOteuPkMKMfXlPbUS4kZyrdZcmg8J2+h9W0SZGVAbdV6BtCGA34s
0ONdEI8YVejnf5/1UI6ndNxRpC5fHHBaOFI+X7NU9iqEe5WETiW8JUrOmFIGaw2W
fTLWhKcxg/LzBCQckSvhxLb/gToJtlRc6/AIZajYh3jZgTfqCI/NKObLzDkNz9BV
V5GURuvKu5qNM4dYGbMdXaUfR5g2EtECBLktxfTPhOvFvFcaW44ZCdpnXDMdNq7v
z7Z0tL73aO6AvH+EwkEssmENljvBjbr3urqpKXYkMgoXQ71Cl6IV22wPiA1NU7TP
X6ltRt2J3TTWTE1LjoKXivWXaEeM00n7JzoXNn8H5Ch9sA29NlZrMFyLycr9qdXO
P8braWLsUZEG7x5ho74wrjnEcIwI5WOSlXVCMMfX0kQt5Qtm9mw4ifMErAuirESc
yAanfRFrgS2MGGZBKUcmZ2zyq6/HAbW5L4YiFHy80kz+ZlxnLFHC+v2Mtl4oEAk8
9/HwxuDMMxK5my5RuaN3+apVVAvUUmJ/SJtMRFkCNVnCMhNGbn2QhuYjWb5btEW7
v/JYR0l1957TxwvrHpiaEi8vZzz/jrBOjMoDilC2hyvkhuNhQy8=
=mDye
-----END PGP SIGNATURE-----



Login or Register to add favorites

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close