CVE-2017-2372
published 2017-02-20CVE-2017-2372: An issue was discovered in certain Apple products. GarageBand before 10.1.5 is affected. Logic Pro X before 10.3 is affected. The issue involves the "Projects"…
high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
An issue was discovered in certain Apple products. GarageBand before 10.1.5 is affected. Logic Pro X before 10.3 is affected. The issue involves the "Projects" component, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted GarageBand project file.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | garageband | <= 10.1.4 | — |
| apple | garageband | — | — |
| apple | logic_pro_x | <= 10.2.4 | — |
| apple | logic_pro_x | — | — |