Vulnerabilities > CVE-2023-40417 - Unspecified vulnerability in Apple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
A window management issue was addressed with improved state management. This issue is fixed in Safari 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Visiting a website that frames malicious content may lead to UI spoofing.
Vulnerable Configurations
References
- http://seclists.org/fulldisclosure/2023/Oct/2
- http://seclists.org/fulldisclosure/2023/Oct/2
- http://seclists.org/fulldisclosure/2023/Oct/3
- http://seclists.org/fulldisclosure/2023/Oct/3
- http://seclists.org/fulldisclosure/2023/Oct/8
- http://seclists.org/fulldisclosure/2023/Oct/8
- http://seclists.org/fulldisclosure/2023/Oct/9
- http://seclists.org/fulldisclosure/2023/Oct/9
- https://support.apple.com/en-us/HT213937
- https://support.apple.com/en-us/HT213937
- https://support.apple.com/en-us/HT213938
- https://support.apple.com/en-us/HT213938
- https://support.apple.com/en-us/HT213940
- https://support.apple.com/en-us/HT213940
- https://support.apple.com/en-us/HT213941
- https://support.apple.com/en-us/HT213941