Vulnerability in Apple Products: Remote Information Disclosure and Denial of Service via Crafted XML File

Vulnerability in Apple Products: Remote Information Disclosure and Denial of Service via Crafted XML File

CVE-2017-7010 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. iCloud before 6.2.2 on Windows is affected. iTunes before 12.6.2 on Windows is affected. tvOS before 10.2.2 is affected. The issue involves the "libxml2" component. It allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted XML file.

Learn more about our Cis Benchmark Audit For Apple Ios.