CVE-2019-8639

8.8HIGH

Key Information:

Vendor: Apple
Status: iOS; Watch OS; Safari; Itunes For Windows
Vendor: CVE Published:; 27 October 2020

Summary

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution.

Affected Version(s)

iCloud for Windows < 7.11

iOS < 12.2

iTunes for Windows < 12.9

References

https://support.apple.com/en-us/HT209599

x_refsource_MISC

https://support.apple.com/en-us/HT209602

x_refsource_MISC

https://support.apple.com/en-us/HT209603

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 27, 2020
Vulnerability Reserved
Feb 18, 2019

.