CVE-2019-8602
Description
A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to elevate privileges.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
4.1
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update iCloud (7.12.0.14) fixes multiple vulnerabilities. | Windows |
| Update Apple iTunes (X64) (12.9.5.7) fixes multiple vulnerabilities. | Windows |
| iCloud 10.4 fixes multiple vulnerabilities in Windows 10 version 18362.145 or higher | Windows |
| Multiple Vulnerabilities are affected in Apple iTunes (X64) 12.9.4 | Windows |
| Multiple Vulnerabilities are affected in Apple iTunes 12.9.4 | Windows |
| Multiple vulnerabilities are fixed in macOS Mojave 10.14.5 Combo Update | Mac |
| Multiple vulnerabilities are fixed in macOS Mojave 10.14.5 | Mac |
| Multiple Vulnerabilities are affected in Apple iTunes For Mac 12.9.4 | Mac |
| Vulnerabilities CVE-2019-8577,CVE-2019-8602 are affected in Apple Safari for MAC 12.1 | Mac |
| Multiple Vulnerabilities are affected in Apple Safari for MAC 12.1 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-309928 | iCloud (7.12.0.14) |
| PATCH-309938 | Apple iTunes (X64) (12.9.5.7) |
| PATCH-316162 | iCloud (7.21.0.23) (Deployment-Only) |
| PATCH-602005 | macOS Mojave 10.14.6 Combo Update |
| PATCH-602004 | macOS Mojave 10.14.6 |
| PATCH-611604 | Apple Safari for MAC (MacOS Sonoma) (18.6) |
| PATCH-611604 | Apple Safari for MAC (MacOS Sonoma) (18.6) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234