Vulnerability Spotlight: Apple Garage Band Out Of Bounds Write Vulnerability

SERVIDORES

Discovered by Tyler Bohan of Cisco Talos

Overview

Talos is disclosing TALOS-2016-0262 (CVE-2017-2372) and TALOS-2017-0275 (CVE-2017-2374), an out of bounds write vulnerability in Apple GarageBand. GarageBand is a music creation program, allowing users to create and edit music easily and effectively from their Mac computer. GarageBand is installed by default on all Mac computers so there is a significant number of potential victims. This issue was partially resolved on 1/18/17 with a patch which addressed CVE-2017-2372, the patch released on 2/13/17 addressed CVE-2017-2374 resolving the issue.

This particular vulnerability is the result of the way the application parses the proprietary file format used for GarageBand files, .band. The format is broken into chunks with a specific length field for each. This length is controlled by the user and can be leveraged to expose an exploitable condition. This vulnerability could be exploited by a user opening a specially crafted .band file.

Cisco Price, Dell Price, Huawei Price, ZTE HPE Fortinet Switch Router Server At Low Price

SERVIDORES

NOTÍCIAS QUENTES

Huawei Switches Visio Stencils

Huawei Switches Distributor in UAE

PoE vs PoE+ vs UPoE: What's the best switch to meet your network needs?

Understanding PoE Standards and Wattage

Power Supply Standards for POE Switches. Why is the Power Supply Distance Limited to 100 Meters?

How to Choose the Right 10G SFP+ Module: SR, LR, or LRM?

Huawei Switches: Comprehensive Guide and Insights

How Does Cisco Wireless Network Work?

How Do I Connect to a Cisco Wireless Router?

Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide

Cisco Access Point and Wireless Controller Selector

Compare Cisco Wireless Architectures and AP Modes

Cisco Wireless Architectures and AP Modes

Joining Process of an Cisco Access Point

Cisco Wireless AP Datasheet

Cisco Wireless AP and Controllers: A Comprehensive Guide to Efficient Networking

Cisco Aironet 3700 Series Access Points Datasheet

Cisco Wireless AP License: Unlocking the Power of Cisco DNA Software for Wireless Networks

Set up a Wireless Network using a Wireless Access Point (WAP)

Cisco Wireless Access Point (AP) Modes Explained

Cisco Wireless AP Comparison: A Comprehensive Guide to Finding the Right Solution for Your Network Needs

Cisco Business Wireless Startup LED Status Codes

Regulatory Compliance (Rest of the World) for Domain Reduction

Getting Started with the Cisco Catalyst Wireless Mobile Application

Cisco Wireless AP Models

Cisco Wireless Access Points: Future-Proofing Connectivity for the Modern Workplace

Cisco 9300 Stacking Configuration Guide Book

Best Practices for Cisco Catalyst 9300 Switches

Cisco 9300 Switches Dimensions

Cisco Catalyst IE9300 Rugged Series Data Sheet

Vulnerability Spotlight: Apple Garage Band Out of Bounds Write Vulnerability

Overview

Tags quentes : Cisco Talos Talos 0-day Vulnerability Research vulnerability disclosure

Ordering Guide

Recursos

Quem somos