cve/2022/CVE-2022-42867.md

### [CVE-2022-42867](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42867)
![](https://img.shields.io/static/v1?label=Product&message=tvOS&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=watchOS&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2016.2%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%209.2%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Processing%20maliciously%20crafted%20web%20content%20may%20lead%20to%20arbitrary%20code%20execution&color=brighgreen)

### Description

A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.

### POC

#### Reference
- http://seclists.org/fulldisclosure/2022/Dec/20
- http://seclists.org/fulldisclosure/2022/Dec/23
- http://seclists.org/fulldisclosure/2022/Dec/26
- http://seclists.org/fulldisclosure/2022/Dec/27
- http://seclists.org/fulldisclosure/2022/Dec/28

#### Github
No PoCs found on GitHub currently.
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2022-42867](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42867)`
			`![](https://img.shields.io/static/v1?label=Product&message=tvOS&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=watchOS&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%2016.2%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%209.2%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Processing%20maliciously%20crafted%20web%20content%20may%20lead%20to%20arbitrary%20code%20execution&color=brighgreen)`

			`### Description`

			`A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.`

			`### POC`

			`#### Reference`
			`- http://seclists.org/fulldisclosure/2022/Dec/20`
			`- http://seclists.org/fulldisclosure/2022/Dec/23`
			`- http://seclists.org/fulldisclosure/2022/Dec/26`
			`- http://seclists.org/fulldisclosure/2022/Dec/27`
			`- http://seclists.org/fulldisclosure/2022/Dec/28`

			`#### Github`
			`No PoCs found on GitHub currently.`