CVE-2019-8506
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.
Published
2019-12-18T18:15:22.880
Last Modified
2025-02-28T14:47:04.510
Status
Analyzed
Source
[email protected]
Severity
CVSSv3.1: 8.8 (HIGH)
CVSSv2 Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
- Access Vector: NETWORK
- Access Complexity: MEDIUM
- Authentication: NONE
- Confidentiality Impact: COMPLETE
- Integrity Impact: COMPLETE
- Availability Impact: COMPLETE
Exploitability Score
8.6
Impact Score
10.0
Weaknesses
-
Type: Primary
CWE-843
-
Type: Secondary
CWE-843
Affected Vendors & Products
References
-
https://support.apple.com/HT209599
Vendor Advisory, Release Notes
([email protected])
-
https://support.apple.com/HT209601
Vendor Advisory, Release Notes
([email protected])
-
https://support.apple.com/HT209602
Vendor Advisory, Release Notes
([email protected])
-
https://support.apple.com/HT209603
Vendor Advisory, Release Notes
([email protected])
-
https://support.apple.com/HT209604
Vendor Advisory, Release Notes
([email protected])
-
https://support.apple.com/HT209605
Vendor Advisory, Release Notes
([email protected])
-
https://support.apple.com/HT209599
Vendor Advisory, Release Notes
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/HT209601
Vendor Advisory, Release Notes
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/HT209602
Vendor Advisory, Release Notes
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/HT209603
Vendor Advisory, Release Notes
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/HT209604
Vendor Advisory, Release Notes
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/HT209605
Vendor Advisory, Release Notes
(af854a3a-2127-422b-91ae-364da2661108)