CVE-2021-30860 - Apple Multiple Products Integer Overflow Vulnerability
Project:Apple
Product:Multiple Products
Date Added:2021-11-03Due Date:2021-11-17
Vulnerability Name
Apple Multiple Products Integer Overflow Vulnerability
Description
Apple iOS, iPadOS, macOS, and watchOS CoreGraphics contain an integer overflow vulnerability which may allow code execution when processing a maliciously crafted PDF. The vulnerability is also known under the moniker of FORCEDENTRY.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-30860