CVE-2019-8746
Description
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
2.306
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities fixed in iCloud 10.7 | Windows |
| Multiple Vulnerabilities are affected in Apple iTunes (X64) 12.10.0 | Windows |
| Multiple Vulnerabilities are affected in Apple iTunes 12.10.0 | Windows |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.7 - Auto Reboot | Mac |
| Multiple vulnerabilities are fixed in macOS Catalina 10.15.7 Combo Update - Auto Reboot | Mac |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.6 | Mac |
| Multiple vulnerabilities are fixed in macOS Catalina 10.15.6 Combo Update | Mac |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.5 | Mac |
| Multiple vulnerabilities are fixed in macOS Catalina 10.15.5 Combo Update | Mac |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.5 (Deployment-Only) | Mac |
| Multiple vulnerabilities are fixed in macOS Catalina 10.15.5 Combo Update (Deployment-Only) | Mac |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.4 | Mac |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.4 Combo Update | Mac |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.4 (Deployment-Only) | Mac |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.4 Combo Update (Deployment-Only) | Mac |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.3 | Mac |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.3 Combo Update | Mac |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.2 | Mac |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.2 Combo Update | Mac |
| Multiple vulnerabilities are fixed in MacOS Catalina 10.15.1 | Mac |
| Multiple Vulnerabilities are affected in Apple iTunes For Mac 12.9.6 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-316162 | iCloud (7.21.0.23) (Deployment-Only) |
| PATCH-602673 | MacOS Catalina 10.15.7 - Auto Reboot |
| PATCH-602674 | macOS Catalina 10.15.7 Combo Update - Auto Reboot |
| PATCH-602673 | MacOS Catalina 10.15.7 - Auto Reboot |
| PATCH-602674 | macOS Catalina 10.15.7 Combo Update - Auto Reboot |
| PATCH-602673 | MacOS Catalina 10.15.7 - Auto Reboot |
| PATCH-602674 | macOS Catalina 10.15.7 Combo Update - Auto Reboot |
| PATCH-602736 | MacOS Catalina 10.15.5 (Deployment-Only) |
| PATCH-602738 | macOS Catalina 10.15.5 Combo Update (Deployment-Only) |
| PATCH-602673 | MacOS Catalina 10.15.7 - Auto Reboot |
| PATCH-602674 | macOS Catalina 10.15.7 Combo Update - Auto Reboot |
| PATCH-602735 | MacOS Catalina 10.15.4 (Deployment-Only) |
| PATCH-602737 | MacOS Catalina 10.15.4 Combo Update (Deployment-Only) |
| PATCH-602673 | MacOS Catalina 10.15.7 - Auto Reboot |
| PATCH-602674 | macOS Catalina 10.15.7 Combo Update - Auto Reboot |
| PATCH-602673 | MacOS Catalina 10.15.7 - Auto Reboot |
| PATCH-602674 | macOS Catalina 10.15.7 Combo Update - Auto Reboot |
| PATCH-602673 | MacOS Catalina 10.15.7 - Auto Reboot |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234