CVE-2019-8507 — Improper Input Validation in Apple Macos

CWE-20 — Improper Input Validation11 documents4 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 81.58%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Macos Apple MAC OS X Apple Macos Mojave 10.14.4 Security Update 2019-002 High Sierra Security Update 2019-0

Timeline

PublishedDec 18

Latest updateMay 24

Description

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.4. Processing malicious data may lead to unexpected application termination.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶Appleapple/macos_mojave_10.14.4_security_update_2019-002_high_sierra_security_update_2019-0

▶CVEListV5apple/macosunspecified — macOS Mojave 10.14.4

▶NVDapple/mac_os_x< 10.14.4

🔴Vulnerability Details

GHSA

GHSA-rxgh-9c22-r8rj: Multiple memory corruption issues were addressed with improved input validation↗2022-05-24

▶

📋Vendor Advisories

Apple

CVE-2019-8507: macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra↗2019-03-25

▶

🕵️Threat Intelligence

Fortinet

Critical Apache Log4j Vulnerability Updates | FortiGuard Labs↗2021-12-21

▶

Fortinet

“BlueKeep” Vulnerability (CVE-2019-0708) within Cloud/Datacenter Machines: How to Safeguard Yourself?↗2019-06-12

▶

Fortinet

Detailed Analysis of macOS Vulnerability CVE-2019-8507↗2019-04-23

▶

Fortinet

WordPress WooCommerce XSS Vulnerability – Hijacking a Customer Account with a Crafted Image↗2019-03-04

▶

Fortinet

Detailed Analysis of macOS/iOS Vulnerability CVE-2019-6231↗2019-01-24

▶