Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)


Apple GarageBand File Project File Processing Flaw Lets Remote Users Execute Arbitrary Code
Severity Rating: Medium
Systems Affected:
  • Apple GarageBand versions prior to 10.1.6
A vulnerability has been identified in Apple GarageBand and can be exploited by remote attackers to cause execution of arbitrary code on the affected system.  The vulnerability can allow remote attackers to create a specially crafted GarageBand Project file that when loaded by the user will trigger a memory corruption error and cause execution of arbitrary code on the affected system. The code will run with the privileges of the user.
Users are advised to apply updates.
More information about the update is available on:
Vendor Information
CVE Information
Security Tracker
Apple Security
Contact Information
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis