CVE-2024-27873

EUVD-2024-25066
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. Processing a maliciously crafted video file may lead to unexpected app termination.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
Affected Products (NVD)
VendorProductVersion
appleipados
𝑥
< 16.7.9
appleipados
17.0 ≤
𝑥
< 17.6
appleiphone_os
𝑥
< 16.7.9
appleiphone_os
17.0 ≤
𝑥
< 17.6
applemacos
𝑥
< 12.7.6
applemacos
13.0 ≤
𝑥
< 13.6.8
applemacos
14.0 ≤
𝑥
< 14.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.apple.com/en-us/120908
https://support.apple.com/en-us/120909
https://support.apple.com/en-us/120910
https://support.apple.com/en-us/120911
https://support.apple.com/en-us/120912
http://seclists.org/fulldisclosure/2024/Jul/16
http://seclists.org/fulldisclosure/2024/Jul/17
http://seclists.org/fulldisclosure/2024/Jul/18
http://seclists.org/fulldisclosure/2024/Jul/19
http://seclists.org/fulldisclosure/2024/Jul/20
https://support.apple.com/en-us/HT214116
https://support.apple.com/en-us/HT214117
https://support.apple.com/en-us/HT214118
https://support.apple.com/en-us/HT214119
https://support.apple.com/en-us/HT214120
https://support.apple.com/kb/HT214117
https://support.apple.com/kb/HT214118
https://support.apple.com/kb/HT214119
https://support.apple.com/kb/HT214120