nvd-json-data-feeds/CVE-2024/CVE-2024-232xx/CVE-2024-23247.json

{
  "id": "CVE-2024-23247",
  "sourceIdentifier": "product-security@apple.com",
  "published": "2024-03-08T02:15:48.387",
  "lastModified": "2024-12-06T01:58:51.233",
  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. Processing a file may lead to unexpected app termination or arbitrary code execution."
    },
    {
      "lang": "es",
      "value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5. El procesamiento de un archivo puede provocar la finalizaci\u00f3n inesperada de la aplicaci\u00f3n o la ejecuci\u00f3n de c\u00f3digo arbitrario."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      },
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "12.0",
              "versionEndExcluding": "12.7.4",
              "matchCriteriaId": "A61173BD-535F-46FC-B40F-DA78B168E420"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "13.0",
              "versionEndExcluding": "13.6.5",
              "matchCriteriaId": "69C4F06A-061F-46B3-8BB7-5C9B47C00956"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "14.0",
              "versionEndExcluding": "14.4",
              "matchCriteriaId": "73160D1F-755B-46D2-969F-DF8E43BB1099"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://seclists.org/fulldisclosure/2024/Mar/21",
      "source": "product-security@apple.com",
      "tags": [
        "Mailing List"
      ]
    },
    {
      "url": "http://seclists.org/fulldisclosure/2024/Mar/22",
      "source": "product-security@apple.com",
      "tags": [
        "Mailing List"
      ]
    },
    {
      "url": "http://seclists.org/fulldisclosure/2024/Mar/23",
      "source": "product-security@apple.com",
      "tags": [
        "Mailing List"
      ]
    },
    {
      "url": "https://support.apple.com/en-us/HT214083",
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://support.apple.com/en-us/HT214084",
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://support.apple.com/en-us/HT214085",
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://seclists.org/fulldisclosure/2024/Mar/21",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ]
    },
    {
      "url": "http://seclists.org/fulldisclosure/2024/Mar/22",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ]
    },
    {
      "url": "http://seclists.org/fulldisclosure/2024/Mar/23",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ]
    },
    {
      "url": "https://support.apple.com/en-us/HT214083",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://support.apple.com/en-us/HT214084",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://support.apple.com/en-us/HT214085",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}