First published: Mon Mar 27 2017(Updated: )
FontParser. Multiple memory corruption issues were addressed through improved input validation.
Credit: riusksk (泉哥) Tencent Security Platform Department product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS and iPadOS | <10.3 | 10.3 |
iPhone OS | <=10.2.1 | |
Apple iOS and macOS | <=10.12.3 | |
tvOS | <=10.1.1 | |
Apple iOS, iPadOS, and watchOS | <=3.1.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2017-2407 is classified with a high severity rating due to the multiple memory corruption issues it presents.
To mitigate CVE-2017-2407, users should update their affected Apple devices to the latest operating system version.
CVE-2017-2407 affects specific versions of Apple iOS, macOS, tvOS, and watchOS prior to the latest updates.
CVE-2017-2407 may lead to unauthorized access or arbitrary code execution due to memory corruption vulnerabilities.
There are no documented workarounds for CVE-2017-2407; the recommended action is to apply the appropriate updates.