An issue exists in certain Apple products. macOS prior to 10.12.1 is affected. The issue involves the "ImageIO" component. It allows remote malicious users to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) via a crafted PDF file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x |
Get patching now
Apple has distributed a fresh round of security updates to address remote-code execution holes in iOS, macOS, Safari, and the firmware for Apple Watch and AppleTV. Miscreants who exploit these flaws can take over the vulnerable device – all a victim has to do is open a JPEG or PDF file booby-trapped with malicious code, so get patching before you're caught out. The fixes come just days before the Cupertino developer of TextEdit is set to hold a special event to introduce a (presumed) refresh o...