An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution.
References
| Link | Resource |
|---|---|
| https://support.apple.com/en-us/HT213650 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/HT213650 | Release Notes Vendor Advisory |
Configurations
History
21 Nov 2024, 07:53
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://support.apple.com/en-us/HT213650 - Release Notes, Vendor Advisory |
27 Jul 2023, 01:15
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution. |
11 May 2023, 20:36
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Apple macos
Apple |
|
| CPE | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* | |
| CWE | CWE-125 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| References | (MISC) https://support.apple.com/en-us/HT213650 - Release Notes, Vendor Advisory |
08 May 2023, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-05-08 20:15
Updated : 2025-01-29 20:15
NVD link : CVE-2023-27938
Mitre link : CVE-2023-27938
CVE.ORG link : CVE-2023-27938
JSON object : View
Products Affected
apple
- macos
CWE
CWE-125
Out-of-bounds Read