7.8

CVE-2024-44126

The issue was addressed with improved checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7.1, visionOS 2. Processing a maliciously crafted file may lead to heap corruption.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleiPadOS Version < 17.7
AppleiPhone OS Version < 17.7
ApplemacOS Version < 13.7.1
ApplemacOS Version >= 14.0 < 14.7
ApplevisionOS Version < 2.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.173
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://support.apple.com/en-us/121238
Vendor Advisory
Release Notes
https://support.apple.com/en-us/121250
Vendor Advisory
Release Notes
https://support.apple.com/en-us/121246
Vendor Advisory
Release Notes
https://support.apple.com/en-us/121247
Vendor Advisory
Release Notes
https://support.apple.com/en-us/121249
Vendor Advisory
Release Notes
https://support.apple.com/en-us/121568
Vendor Advisory
Release Notes
http://seclists.org/fulldisclosure/2024/Oct/13