CVE-2017-2372

CVE Database · CVE-2017-2372

CVE-2017-2372

· N/AModified

CVSS v3.1

N/A

EPSS

1.98%

Published

Feb 20, 2017

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An issue was discovered in certain Apple products. GarageBand before 10.1.5 is affected. Logic Pro X before 10.3 is affected. The issue involves the "Projects" component, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted GarageBand project file.

Weaknesses (CWE)

CWE-119

Affected Products (2)

apple · logic_pro_xvulnerable

apple · garagebandvulnerable

References (10)

http://www.securityfocus.com/bid/95627

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1037627

http://www.talosintelligence.com/reports/TALOS-2016-0262/

https://support.apple.com/HT207476

Vendor Advisory