ByteOS Network

NVD Vulnerability Details :

CVE-2019-8687

Analyzed

Source-product-security@apple.com

Published At-18 Dec, 2019 | 18:15

Updated At-21 Jul, 2021 | 11:39

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary	2.0	6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P

Type: Primary

Version: 3.1

Base score: 8.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 6.8

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:P/I:P/A:P

CPE Matches

Apple Inc.

>>icloud>>Versions before 7.13(exclusive)

cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*

Apple Inc.

>>icloud>>Versions from 10.0(inclusive) to 10.6(exclusive)

cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*

Apple Inc.

>>itunes>>Versions before 12.9.6(exclusive)

cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*

Apple Inc.

>>safari>>Versions before 12.1.2(exclusive)

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

Apple Inc.

>>iphone_os>>Versions before 12.4(exclusive)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Apple Inc.

>>mac_os_x>>Versions before 10.14.6(exclusive)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Apple Inc.

>>tvos>>Versions before 12.4(exclusive)

cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-787	Primary	nvd@nist.gov

CWE ID: CWE-787

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
https://support.apple.com/HT210346	product-security@apple.com	Vendor Advisory
https://support.apple.com/HT210348	product-security@apple.com	Vendor Advisory
https://support.apple.com/HT210351	product-security@apple.com	Vendor Advisory
https://support.apple.com/HT210355	product-security@apple.com	Vendor Advisory
https://support.apple.com/HT210356	product-security@apple.com	Vendor Advisory
https://support.apple.com/HT210357	product-security@apple.com	Vendor Advisory
https://support.apple.com/HT210358	product-security@apple.com	Vendor Advisory