High severity8.8NVD Advisory· Published Feb 20, 2017· Updated Jun 17, 2026
CVE-2017-2372
CVE-2017-2372
Description
An issue was discovered in certain Apple products. GarageBand before 10.1.5 is affected. Logic Pro X before 10.3 is affected. The issue involves the "Projects" component, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted GarageBand project file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:apple:garageband:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:garageband:*:*:*:*:*:*:*:*range: <=10.1.4
- (no CPE)range: <10.1.5
cpe:2.3:a:apple:logic_pro_x:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:logic_pro_x:*:*:*:*:*:*:*:*range: <=10.2.4
- (no CPE)range: <10.3
Patches
Vulnerability mechanics
References
5- www.securityfocus.com/bid/95627nvdThird Party AdvisoryVDB Entry
- support.apple.com/HT207476nvdVendor Advisory
- support.apple.com/HT207477nvdVendor Advisory
- www.securitytracker.com/id/1037627nvd
- www.talosintelligence.com/reports/TALOS-2016-0262/nvd
News mentions
0No linked articles in our index yet.