CVE-2024-40817
MEDIUM | Platform: macOS | Changelog
CVE Details
Description
The issue was addressed with improved UI handling. This issue is fixed in Safari 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. Visiting a website that frames malicious content may lead to UI spoofing.
CVSS 3.1 Score
| Metric | Value |
|---|---|
| Base Score | 6.1 (MEDIUM) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Weakness
References
- Apple Security Advisory
- NVD Entry
- https://support.apple.com/en-us/120910
- https://support.apple.com/en-us/120912
- https://support.apple.com/en-us/120913
- http://seclists.org/fulldisclosure/2024/Jul/15 (Mailing List, Third Party Advisory)
- http://seclists.org/fulldisclosure/2024/Jul/18 (Mailing List, Third Party Advisory)
- http://seclists.org/fulldisclosure/2024/Jul/19 (Mailing List, Third Party Advisory)
- http://seclists.org/fulldisclosure/2024/Jul/20 (Mailing List, Third Party Advisory)