Home

CVE-2022-26751

Description

A memory corruption issue was addressed with improved input validation. This issue is fixed in iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6, macOS Monterey 12.4. Processing a maliciously crafted image may lead to arbitrary code execution.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.627

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2022-26751,CVE-2022-26711,CVE-2022-26774,CVE-2022-26773,CVE-2022-26717 are fixed in Apple iTunes (12.12.4.1)Windows
Vulnerabilities CVE-2022-26751,CVE-2022-26711,CVE-2022-26774,CVE-2022-26773,CVE-2022-26717 are fixed in Apple iTunes (X64) (12.12.4.1)Windows
Multiple vulnerabilities are fixed in Apple iTunes (X64) (12.12.4.1)Windows
Multiple vulnerabilities are fixed in Apple iTunes (12.12.4.1)Windows
Multiple Vulnerabilities are affected in Apple iTunes (X64) 12.12.3Windows
Multiple Vulnerabilities are affected in Apple iTunes 12.12.3Windows
Multiple vulnerabilities are fixed in Mac OS - Monterey 12.4 (Software Update) - AutoRebootMac
Multiple vulnerabilities are fixed in MacOS Big Sur 11.6.6 - Software UpdateMac
Vulnerabilities CVE-2022-26711,CVE-2022-26717,CVE-2022-26751 are affected in Apple iTunes For Mac 12.12.3Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-324938Apple iTunes (12.12.4.1)
PATCH-324939Apple iTunes (X64) (12.12.4.1)
PATCH-334920Apple iTunes (X64) (12.13.1.3)
PATCH-334919Apple iTunes (12.13.1.3)
PATCH-608134Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877)
PATCH-605753MacOS Big Sur 11.7.10 - Software Update (Force Reboot)(CVE-2023-41064)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234