An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory.
The product reads data past the end, or before the beginning, of the intended buffer.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mac_os_x | Apple | 10.15.7-security_update_2020-001 (including) | 10.15.7-security_update_2020-001 (including) |
Mac_os_x | Apple | 10.15.7-security_update_2021-001 (including) | 10.15.7-security_update_2021-001 (including) |
Mac_os_x | Apple | 10.15.7-security_update_2021-002 (including) | 10.15.7-security_update_2021-002 (including) |
Mac_os_x | Apple | 10.15.7-security_update_2021-003 (including) | 10.15.7-security_update_2021-003 (including) |
Mac_os_x | Apple | 10.15.7-security_update_2021-004 (including) | 10.15.7-security_update_2021-004 (including) |
Mac_os_x | Apple | 10.15.7-security_update_2021-005 (including) | 10.15.7-security_update_2021-005 (including) |
Mac_os_x | Apple | 10.15.7-security_update_2021-006 (including) | 10.15.7-security_update_2021-006 (including) |
Mac_os_x | Apple | 10.15.7-security_update_2021-007 (including) | 10.15.7-security_update_2021-007 (including) |
Mac_os_x | Apple | 10.15.7-security_update_2021-008 (including) | 10.15.7-security_update_2021-008 (including) |
Mac_os_x | Apple | 10.15.7-security_update_2022-001 (including) | 10.15.7-security_update_2022-001 (including) |
Mac_os_x | Apple | 10.15.7-security_update_2022-002 (including) | 10.15.7-security_update_2022-002 (including) |
Mac_os_x | Apple | 10.15.7-security_update_2022-003 (including) | 10.15.7-security_update_2022-003 (including) |
Macos | Apple | * | 10.15.7 (excluding) |
Macos | Apple | 11.0 (including) | 11.6.8 (excluding) |
Macos | Apple | 12.0 (including) | 12.5 (excluding) |
Macos | Apple | 10.15.7 (including) | 10.15.7 (including) |
Macos | Apple | 10.15.7-security_update_2022-004 (including) | 10.15.7-security_update_2022-004 (including) |