Lucene search
JzhuZDI-21-784HistoryJul 12, 2021 - 12:00 a.m.
Apple macOS ImageIO PICT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2021-07-1200:00:00
Jzhu
www.zerodayinitiative.com
55
0.001 Low
EPSS
Percentile
47.1%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ImageIO framework. Crafted data in a PICT image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
References
Related
cve
cve
CVE-2021-30743
2021-09-08 14:15:09
cvelist
cvelist
CVE-2021-30743
2021-09-08 13:44:54
prion
prion
Input validation
2021-09-08 14:15:00
nvd
nvd
CVE-2021-30743
2021-09-08 14:15:09
zdi
zdi
qualysblog
qualysblog
apple
apple
About the security content of watchOS 7.4
2021-04-26 00:00:00
About the security content of tvOS 14.5
2021-04-26 00:00:00
About the security content of Security Update 2021-003 Catalina
2021-05-24 00:00:00
nessus
nessus
macOS 10.15.x < 10.15.7 Security Update 2021-002 Catalina (HT212530)
2021-05-26 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT212325)
2022-09-02 00:00:00