What is the severity of CVE-2017-5949?

CVE-2017-5949 has a high severity level due to its potential to cause a denial of service through heap-based out-of-bounds write.

How do I fix CVE-2017-5949?

To fix CVE-2017-5949, update Safari Technology Preview to the latest version available.

What software is affected by CVE-2017-5949?

CVE-2017-5949 specifically affects Safari Technology Preview Release 22.

What type of vulnerability is CVE-2017-5949?

CVE-2017-5949 is a heap-based out-of-bounds write vulnerability in JavaScriptCore components.

Can CVE-2017-5949 be exploited remotely?

Yes, CVE-2017-5949 can be exploited remotely through crafted JavaScript code.

Vulnerability/
CVE-2017-5949

critical

9.8

CWE

787

3/4/2017

5/8/2024

CVE-2017-5949

First published: Mon Apr 03 2017(Updated: )

JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 22, allows remote attackers to cause a denial of service (heap-based out-of-bounds write and application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers access to red-zone memory locations, related to jit/ThunkGenerators.cpp, llint/LowLevelInterpreter32_64.asm, and llint/LowLevelInterpreter64.asm.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Apple Mobile Safari	=22

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-5949?
CVE-2017-5949 has a high severity level due to its potential to cause a denial of service through heap-based out-of-bounds write.
How do I fix CVE-2017-5949?
To fix CVE-2017-5949, update Safari Technology Preview to the latest version available.
What software is affected by CVE-2017-5949?
CVE-2017-5949 specifically affects Safari Technology Preview Release 22.
What type of vulnerability is CVE-2017-5949?
CVE-2017-5949 is a heap-based out-of-bounds write vulnerability in JavaScriptCore components.
Can CVE-2017-5949 be exploited remotely?
Yes, CVE-2017-5949 can be exploited remotely through crafted JavaScript code.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/severity
agent/references
agent/weakness
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/apple
canonical/apple mobile safari
version/apple mobile safari/22

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2017-5949?
CVE-2017-5949 has a high severity level due to its potential to cause a denial of service through heap-based out-of-bounds write.
How do I fix CVE-2017-5949?
To fix CVE-2017-5949, update Safari Technology Preview to the latest version available.
What software is affected by CVE-2017-5949?
CVE-2017-5949 specifically affects Safari Technology Preview Release 22.
What type of vulnerability is CVE-2017-5949?
CVE-2017-5949 is a heap-based out-of-bounds write vulnerability in JavaScriptCore components.
Can CVE-2017-5949 be exploited remotely?
Yes, CVE-2017-5949 can be exploited remotely through crafted JavaScript code.