{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-44157","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","state":"PUBLISHED","assignerShortName":"apple","dateReserved":"2024-08-20T21:42:05.924Z","datePublished":"2024-10-11T17:26:55.533Z","dateUpdated":"2026-04-02T18:16:25.758Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"Parsing a maliciously crafted video file may lead to unexpected system termination"}]}],"affected":[{"vendor":"Apple","product":"Apple TV","versions":[{"version":"0","status":"affected","lessThan":"1.5.0","versionType":"custom"}]},{"vendor":"Apple","product":"iTunes for Windows","versions":[{"version":"0","status":"affected","lessThan":"12.13.3","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"A stack buffer overflow was addressed through improved input validation. This issue is fixed in Apple TV 1.5.0.152 for Windows, iTunes 12.13.3 for Windows. Parsing a maliciously crafted video file may lead to unexpected system termination."}],"references":[{"url":"https://support.apple.com/en-us/121328"},{"url":"https://support.apple.com/en-us/121441"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2026-04-02T18:16:25.758Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-120","lang":"en","description":"CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.5,"attackVector":"LOCAL","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","integrityImpact":"NONE","userInteraction":"REQUIRED","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-10-15T18:21:33.448425Z","id":"CVE-2024-44157","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-27T01:45:07.331Z"}}]}}