发布于3月6日3月6日 Members OS X update for Foundation (CVE-2023-27937) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 03/28/2023 Created 03/28/2023 Added 03/28/2023 Modified 01/28/2025 Description An integer overflow was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, tvOS 16.4, watchOS 9.4. Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution. Solution(s) apple-osx-upgrade-11_7_5 apple-osx-upgrade-12_6_4 apple-osx-upgrade-13_3 References https://attackerkb.com/topics/cve-2023-27937 CVE - 2023-27937 https://support.apple.com/kb/HT213670 https://support.apple.com/kb/HT213675 https://support.apple.com/kb/HT213677
