CVE-2022-26711
Description
An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
2.178
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2022-26751,CVE-2022-26711,CVE-2022-26774,CVE-2022-26773,CVE-2022-26717 are fixed in Apple iTunes (12.12.4.1) | Windows |
| Vulnerabilities CVE-2022-26751,CVE-2022-26711,CVE-2022-26774,CVE-2022-26773,CVE-2022-26717 are fixed in Apple iTunes (X64) (12.12.4.1) | Windows |
| Multiple vulnerabilities are fixed in Apple iTunes (X64) (12.12.4.1) | Windows |
| Multiple vulnerabilities are fixed in Apple iTunes (12.12.4.1) | Windows |
| Multiple Vulnerabilities are affected in Apple iTunes (X64) 12.12.3 | Windows |
| Multiple Vulnerabilities are affected in Apple iTunes 12.12.3 | Windows |
| Multiple vulnerabilities are fixed in Mac OS - Monterey 12.4 (Software Update) - AutoReboot | Mac |
| Vulnerabilities CVE-2022-26711,CVE-2022-26717,CVE-2022-26751 are affected in Apple iTunes For Mac 12.12.3 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-324938 | Apple iTunes (12.12.4.1) |
| PATCH-324939 | Apple iTunes (X64) (12.12.4.1) |
| PATCH-334920 | Apple iTunes (X64) (12.13.1.3) |
| PATCH-334919 | Apple iTunes (12.13.1.3) |
| PATCH-608134 | Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234