CVE-2022-26717 PoC — Apple tvOS 资源管理错误漏洞

Source

https://github.com/theori-io/CVE-2022-26717-Safari-WebGL-Exploit

Associated Vulnerability

Title:Apple tvOS 资源管理错误漏洞 (CVE-2022-26717)
Description:Apple tvOS是美国苹果（Apple）公司的一套智能电视操作系统。 Apple tvOS 存在资源管理错误漏洞，该漏洞源于WebKit在处理HTML内容时存在释放后重用错误。远程攻击者可以诱导受害者访问一个特别制作的网站，触发内存损坏和执行系统上的任意代码。以下产品及版本受到影响：Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD。

Readme

## Safari WebGL XFB Use After Free Vulnerability
	- CVE-2022-26717

## Credits
    - Jeonghoon Shin(@singi21a) of Theori

## Patch & Updates
    - https://support.apple.com/en-us/HT213260

File Snapshot


 [4.0K]  /data/pocs/b916d19ae124778c48542c5830dcd350d052aa7c
├── [6.5M]  demo.gif
├── [9.0K]  exploit.html
├── [3.9K]  poc.html
└── [ 188]  README.md

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.