An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the Printing component. A format-string vulnerability allows remote attackers to execute arbitrary code via a crafted ipp: or ipps: URL.
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mac_os_x | Apple | * | 10.12.3 (including) |