CVE-2024-27793

Опубликовано: 14 мая 2024

Источник: nvd

CVSS3: 7.8

CVSS3: 6.3

EPSS Низкий

Описание

The issue was addressed with improved checks. This issue is fixed in iTunes 12.13.2 for Windows. Parsing a file may lead to an unexpected app termination or arbitrary code execution.

Ссылки

http://seclists.org/fulldisclosure/2024/May/8
Mailing List
https://support.apple.com/en-us/HT214099
Vendor Advisory
http://seclists.org/fulldisclosure/2024/May/8
Mailing List
https://support.apple.com/en-us/HT214099
Vendor Advisory
https://support.apple.com/kb/HT214099

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*

Версия до 12.13.2 (исключая)

EPSS

Процентиль: 63%

0.00442

Низкий

7.8 High

CVSS3

6.3 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-94

Связанные уязвимости

GHSA-3m3m-q3hw-6qq6

CVSS3: 6.3

github

больше 1 года назад

The issue was addressed with improved checks. This issue is fixed in iTunes 12.13.2 for Windows. Parsing a file may lead to an unexpected app termination or arbitrary code execution.

EPSS

Процентиль: 63%

0.00442

Низкий

7.8 High

CVSS3

6.3 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-94