The issue was addressed with improved checks. This issue is fixed in iTunes 12.13.2 for Windows. Parsing a file may lead to an unexpected app termination or arbitrary code execution.
History

Mon, 09 Dec 2024 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple itunes
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*
Vendors & Products Apple
Apple itunes
Metrics cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L'}

cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-05-08T22:15:21.788Z

Updated: 2024-08-02T00:41:55.200Z

Reserved: 2024-02-26T15:32:28.515Z

Link: CVE-2024-27793

cve-icon Vulnrichment

Updated: 2024-08-02T00:41:55.200Z

cve-icon NVD

Status : Analyzed

Published: 2024-05-14T15:13:02.777

Modified: 2024-12-09T19:28:03.753

Link: CVE-2024-27793

cve-icon Redhat

No data.