Lucene search
Mickey Jin of Trend Micro Mobile Security Research TeamZDI-21-756HistoryJun 25, 2021 - 12:00 a.m.
Apple macOS AudioCodecs LOAS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
2021-06-2500:00:00
Mickey Jin of Trend Micro Mobile Security Research Team
www.zerodayinitiative.com
55
0.001 Low
EPSS
Percentile
39.7%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the USACBitstreamReader function in AudioCodecs. Crafted data in a LOAS file can trigger an overflow of a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
References
Related
prion
prion
Cross site scripting
2021-09-08 15:15:00
nvd
nvd
CVE-2021-30686
2021-09-08 15:15:14
cve
cve
CVE-2021-30686
2021-09-08 15:15:14
cvelist
cvelist
CVE-2021-30686
2021-09-08 14:26:46
nessus
nessus
Apple TV < 14.6 Multiple Vulnerabilities
2021-05-27 00:00:00
macOS 11.x < 11.4 (HT212529)
2021-05-26 00:00:00
apple
apple
About the security content of watchOS 7.5
2021-05-24 00:00:00
About the security content of tvOS 14.6
2021-05-24 00:00:00
About the security content of iOS 14.6 and iPadOS 14.6
2021-05-24 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT212529)
2022-09-01 00:00:00