Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.1
CVSSv3

CVE-2023-32443

Published: 27/07/2023 Updated: 03/08/2023
CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Apple

Vulnerability Summary

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple macos

Vendor Advisories

Apple: macOS Ventura 13.5
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page Apple security documents reference vulnerabilities by CVE-ID&nbsp ...
Apple: macOS Big Sur 11.7.9
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page Apple security documents reference vulnerabilities by CVE-ID&nbsp ...
Apple: macOS Monterey 12.6.8
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page Apple security documents reference vulnerabilities by CVE-ID&nbsp ...

Github Repositories

https://github.com/xsscx/Commodity-Injection-Signatures

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

XSSCx Public Repo Last Update: 8 NOV 2023 Added CVE-2022-26730 ICC Color Profile Sample PoC's Added CVE Color Profile samples known to Crash many OS srdcx/cve-2022-26730/ srdcx/cve-2023-32443/ Added PoC's from my CVE's in DemoMaxICC Reference Implementation [githubcom/InternationalColorConsortium/DemoIccMAX] Functionality in Skia, We

https://github.com/xsscx/macos-research

Welcome to Hoyt's macOS Fuzzing & Code Repo. Contribute Code or Open an Issue or Discussion.

macOS | XNU Research | Source Code | PoC's and more whoami I am David Hoyt I was in the Apple Security Research Device Program for 2021 & 2022 Apple sent me an iPhone 11 & iPhone 12 for A/B testing, very helpful This Project is some of the Code I wrote for debugging on the SRD Last Updated: 26 FEB 2024 at 1745 EST P0's iOSOnMac with Mods https

References

CWE-125https://support.apple.com/en-us/HT213845https://support.apple.com/en-us/HT213843https://support.apple.com/en-us/HT213844https://nvd.nist.govhttps://github.com/xsscx/Commodity-Injection-Signatureshttps://support.apple.com/kb/HT213843
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120CVE-2024-35921CVE-2024-35874brute forceCVE-2024-36080unprivilegedCVE-2024-35917IDORCVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook