CVE-2024-44157

Summary

A stack buffer overflow was addressed through improved input validation. This issue is fixed in Apple TV 1.5.0.152 for Windows, iTunes 12.13.3 for Windows. Parsing a maliciously crafted video file may lead to unexpected system termination.

Affected Software

VendorProductVersion RangeStatus
AppleApple TV0 < 1.5.0affected
AppleiTunes for Windows0 < 12.13.3affected

Weaknesses

  • Parsing a maliciously crafted video file may lead to unexpected system termination

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References