Lucene search
Mickey Jin (@patch1t) of Trend MicroZDI-21-1369HistoryNov 30, 2021 - 12:00 a.m.
Apple macOS ModelIO ABC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2021-11-3000:00:00
Mickey Jin (@patch1t) of Trend Micro
www.zerodayinitiative.com
23
vulnerability
apple macos
modelio
abc file
information disclosure
remote attackers
modelio library
data structure
arbitrary code
EPSS
0.001
Percentile
47.5%
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ModelIO framework. Crafted data in an ABC file can trigger a read past the end of an allocated data structure. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.
References
Related
cvelist
cvelist
CVE-2021-30910
2021-08-24 18:50:13
nvd
nvd
CVE-2021-30910
2021-08-24 19:15:18
prion
prion
Cross site scripting
2021-08-24 19:15:00
cve
cve
CVE-2021-30910
2021-08-24 19:15:18
nessus
nessus
macOS 10.15.x < Catalina Security Update 2021-007 Catalina (HT212871)
2021-11-01 00:00:00
macOS 11.x < 11.6.1 (HT212872)
2021-10-29 00:00:00
macOS 12.x < 12.0.1 (HT212869)
2021-10-29 00:00:00
apple
apple
About the security content of tvOS 15.1
2021-10-25 00:00:00
About the security content of iOS 15.1 and iPadOS 15.1
2021-10-25 00:00:00
About the security content of Security Update 2021-007 Catalina
2021-10-25 00:00:00
malwarebytes
malwarebytes
Update now! Apple patches bugs in iOS and iPadOS
2021-10-27 12:23:08
openvas
openvas
Apple Mac OS X Security Update (HT212147)HT212871
2021-10-28 00:00:00
Apple Mac OS X Security Update (HT212872)
2021-10-28 00:00:00
Apple Mac OS X Security Update (HT212869)
2022-09-22 00:00:00