Описание
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution.
Ссылки
- Release NotesVendor Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 10.4.8 (исключая)
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00117
Низкий
7.8 High
CVSS3
Дефекты
CWE-125
CWE-125
Связанные уязвимости
CVSS3: 7.8
github
больше 2 лет назад
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution
EPSS
Процентиль: 31%
0.00117
Низкий
7.8 High
CVSS3
Дефекты
CWE-125
CWE-125