This vulnerability allows remote malicious users to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DecodeRow function. Crafted data in a KTX image can trigger a read past the end of an allocated data structure. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
apple ipados |
||
apple iphone os |
||
apple mac os x 10.14 |
||
apple mac os x 10.14.0 |
||
apple mac os x 10.14.1 |
||
apple mac os x 10.14.2 |
||
apple mac os x 10.14.3 |
||
apple mac os x 10.14.4 |
||
apple mac os x 10.14.5 |
||
apple mac os x 10.14.6 |
||
apple mac os x 10.15 |
||
apple mac os x 10.15.1 |
||
apple mac os x 10.15.2 |
||
apple mac os x 10.15.3 |
||
apple mac os x 10.15.4 |
||
apple mac os x 10.15.5 |
||
apple mac os x 10.15.6 |
||
apple mac os x 10.15.7 |
||
apple macos |
||
apple tvos |
||
apple watchos |
Vulmon