CVE-2022-22657
https://notcve.org/view.php?id=CVE-2022-22657
A memory initialization issue was addressed with improved memory handling. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. Se abordó un problema de inicialización de la memoria con una administración de memoria mejorada. Este problema es corregido en Logic Pro versión 10.7.3, GarageBand versión 10.4.6 y macOS Monterey versión 12.3. • https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213190 https://support.apple.com/en-us/HT213191 • CWE-665: Improper Initialization •
CVE-2022-22664
https://notcve.org/view.php?id=CVE-2022-22664
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. Se abordó un problema de lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en Logic Pro versión 10.7.3, GarageBand versión 10.4.6 y macOS Monterey versión 12.3. • https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213190 https://support.apple.com/en-us/HT213191 • CWE-125: Out-of-bounds Read •
CVE-2021-30654
https://notcve.org/view.php?id=CVE-2021-30654
This issue was addressed by removing additional entitlements. This issue is fixed in GarageBand 10.4.3. A local attacker may be able to read sensitive information. Se abordó este problema con la eliminación de derechos adicionales. Este problema es corregido en GarageBand versión 10.4.3. • https://support.apple.com/en-us/HT212299 •
CVE-2017-2374
https://notcve.org/view.php?id=CVE-2017-2374
An issue was discovered in certain Apple products. GarageBand before 10.1.6 is affected. The issue involves the "Projects" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted GarageBand project file. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/96171 http://www.securitytracker.com/id/1037868 http://www.talosintelligence.com/reports/TALOS-2017-0275 https://support.apple.com/HT207518 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-2372
https://notcve.org/view.php?id=CVE-2017-2372
An issue was discovered in certain Apple products. GarageBand before 10.1.5 is affected. Logic Pro X before 10.3 is affected. The issue involves the "Projects" component, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted GarageBand project file. Se ha descubierto un problema en ciertos productos Apple. • http://www.securityfocus.com/bid/95627 http://www.securitytracker.com/id/1037627 http://www.talosintelligence.com/reports/TALOS-2016-0262 https://support.apple.com/HT207476 https://support.apple.com/HT207477 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •