CVE-2017-13890

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. macOS before 10.13 is affected. The issue involves the "CoreTypes" component. It allows remote attackers to trigger disk-image mounting via a crafted web site.
References
Link Resource
http://www.securityfocus.com/bid/103579 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040608 Third Party Advisory VDB Entry
https://support.apple.com/HT208144 Vendor Advisory
https://support.apple.com/HT208692 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-04-03 06:29

Updated : 2024-02-04 19:46


NVD link : CVE-2017-13890

Mitre link : CVE-2017-13890

CVE.ORG link : CVE-2017-13890


JSON object : View

Products Affected

apple

  • mac_os_x
CWE
CWE-20

Improper Input Validation