CVE-2024-44302 Information
Nov 01, 2024
cve
Description
The issue was addressed with improved checks. This issue is fixed in tvOS 18.1 iOS 18.1 and iPadOS 18.1 iOS 17.7.1 and iPadOS 17.7.1 macOS Ventura 13.7.1 macOS Sonoma 14.7.1 watchOS 11.1 visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Reference
https://support.apple.com/en-us/121570 https://support.apple.com/en-us/121566 https://support.apple.com/en-us/121567 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121569 https://support.apple.com/en-us/121565 https://support.apple.com/en-us/121563
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
NONE
Base Score
NONE
Base Severity
5.5
Share on: