CVE-2024-27859 – Apple Web Content Arbitrary Code Execution Vulnerability

The following table lists the changes that have been made to the CVE-2024-27859 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics.

  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Feb. 11, 2025

    Action Type Old Value New Value
    Added CVSS V3.1 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
    Added CWE CWE-94
  • New CVE Received by [email protected]

    Feb. 10, 2025

    Action Type Old Value New Value
    Added Description The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, tvOS 17.4, watchOS 10.4, visionOS 1.1, macOS Sonoma 14.4. Processing web content may lead to arbitrary code execution.
    Added Reference https://support.apple.com/en-us/120881
    Added Reference https://support.apple.com/en-us/120882
    Added Reference https://support.apple.com/en-us/120883
    Added Reference https://support.apple.com/en-us/120893
    Added Reference https://support.apple.com/en-us/120895

نوشته های مشابه

CVE-2024-10644 – Ivanti Connect Secure and Ivanti Policy Secure Code Injection Vulnerability

CVE-2024-47908 – Ivanti CSA OS Command Injection Vulnerability

CVE-2025-22467 – Ivanti Connect Secure Stack-Based Buffer Overflow Vulnerability

CVE-2025-24896 – Misskey Persistent Authentication Token Vulnerability