CVE-2024-44244

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may lead to an unexpected process crash.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://support.apple.com/en-us/121563	Vendor Advisory
https://support.apple.com/en-us/121564	Vendor Advisory
https://support.apple.com/en-us/121565	Vendor Advisory
https://support.apple.com/en-us/121566	Vendor Advisory
https://support.apple.com/en-us/121569	Vendor Advisory
https://support.apple.com/en-us/121571	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:safari::::::::
	cpe:2.3:o:apple:tvos::::::::
	cpe:2.3:o:apple:visionos::::::::
	cpe:2.3:o:apple:watchos::::::::

History

30 Oct 2024, 17:31

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 4.3
CWE		CWE-787
References	~~() https://support.apple.com/en-us/121563 -~~	() https://support.apple.com/en-us/121563 - Vendor Advisory
References	~~() https://support.apple.com/en-us/121564 -~~	() https://support.apple.com/en-us/121564 - Vendor Advisory
References	~~() https://support.apple.com/en-us/121565 -~~	() https://support.apple.com/en-us/121565 - Vendor Advisory
References	~~() https://support.apple.com/en-us/121566 -~~	() https://support.apple.com/en-us/121566 - Vendor Advisory
References	~~() https://support.apple.com/en-us/121569 -~~	() https://support.apple.com/en-us/121569 - Vendor Advisory
References	~~() https://support.apple.com/en-us/121571 -~~	() https://support.apple.com/en-us/121571 - Vendor Advisory
CPE		cpe:2.3:o:apple:safari:::::::: cpe:2.3:o:apple:tvos:::::::: cpe:2.3:o:apple:iphone_os:::::::: cpe:2.3:o:apple:visionos:::::::: cpe:2.3:o:apple:watchos:::::::: cpe:2.3:o:apple:ipados:::::::: cpe:2.3:o:apple:macos::::::::
First Time		Apple watchos Apple visionos Apple safari Apple Apple tvos Apple ipados Apple iphone Os Apple macos

29 Oct 2024, 23:15

Type	Values Removed	Values Added
References		() https://support.apple.com/en-us/121564 - () https://support.apple.com/en-us/121571 -
Summary	(en) A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. Processing maliciously crafted web content may lead to an unexpected process crash.	(en) A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may lead to an unexpected process crash.

29 Oct 2024, 14:34

Type	Values Removed	Values Added
Summary		(es) Se solucionó un problema de corrupción de memoria con una validación de entrada mejorada. Este problema se solucionó en iOS 18.1 y iPadOS 18.1, watchOS 11.1, visionOS 2.1 y tvOS 18.1. El procesamiento de contenido web manipulado con fines malintencionados puede provocar un bloqueo inesperado del proceso.

28 Oct 2024, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-28 21:15

Updated : 2024-12-06 15:15

NVD link : CVE-2024-44244

Mitre link : CVE-2024-44244

CVE.ORG link : CVE-2024-44244

JSON object : View

Products Affected

apple

watchos
iphone_os
visionos
ipados
safari
macos
tvos

CWE

CWE-787

Out-of-bounds Write

4.3 /10