CVE-2017-2441
Apple Security Advisory 2017-03-27-5
Severity Score
Exploit Likelihood
Affected Versions
4Public Exploits
0Exploited in Wild
-Decision
Descriptions
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "libc++abi" component. A use-after-free vulnerability allows remote attackers to execute arbitrary code via a crafted C++ app that is mishandled during demangling.
Se ha descubierto un problema en ciertos productos Apple. iOS en versiones anteriores a 10.3 está afectado. macOS en versiones anteriores a 10.12.4 está afectado. tvOS en versiones anteriores a 10.2 está afectado. watchOS en versiones anteriores a 3.2 está afectado. El problema involucra al componente "libc++abi". Una vulnerabilidad de uso después de liberación de memoria permite a atacantes remotos ejecutar código arbitrario a través de una aplicación C++ manipulada que no se maneja adecuadamente durante el desmantelamiento.
macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite are now available and address multiple vulnerabilities.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-12-01 CVE Reserved
- 2017-03-27 CVE Published
- 2024-08-05 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-416: Use After Free
CAPEC
References (6)
URL | Date | SRC |
---|
URL | Date | SRC |
---|