CVE-2019-8517
published 2019-12-18CVE-2019-8517: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a…
medium6.5CVSS 3.1
AVNACLPRNUIRSUCHINAN
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result in the disclosure of process memory.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | ios | >= unspecified < iOS 12.2 | iOS 12.2 |
| apple | iphone_os | < 12.2 | 12.2 |
| apple | mac_os_x | < 10.14.4 | 10.14.4 |
| apple | macos | >= unspecified < macOS Mojave 10.14.4 | macOS Mojave 10.14.4 |
| apple | macos_mojave_10.14.4_security_update_2019-002_high_sierra_security_update_2019-0 | — | — |
| apple | tvos | < 12.2 | 12.2 |
| apple | tvos | — | — |
| apple | tvos | >= unspecified < tvOS 12.2 | tvOS 12.2 |
| apple | watchos | < 5.2 | 5.2 |
| apple | watchos | — | — |
| apple | watchos | >= unspecified < watchOS 5.2 | watchOS 5.2 |
Apple
CVE-2019-8517: watchOS 5.2
vendor_apple·2019-03-27·CVSS 6.5
CVE-2019-8517 [MEDIUM] CVE-2019-8517: watchOS 5.2
Apple Security Update: About the security content of watchOS 5.2
Product: watchOS
Version: 5.2
CVE: CVE-2019-8517
Component: TrueTypeScaler
Impact: Processing a maliciously crafted font may result in the disclosure of process memory
Description: An out-of-bounds read was addressed with improved bounds checking.
Apple
CVE-2019-8517: tvOS 12.2
vendor_apple·2019-03-25·CVSS 6.5
CVE-2019-8517 [MEDIUM] CVE-2019-8517: tvOS 12.2
Apple Security Update: About the security content of tvOS 12.2
Product: tvOS
Version: 12.2
CVE: CVE-2019-8517
Component: TrueTypeScaler
Impact: Processing a maliciously crafted font may result in the disclosure of process memory
Description: An out-of-bounds read was addressed with improved bounds checking.
Apple
CVE-2019-8517: iOS 12.2
vendor_apple·2019-03-25·CVSS 6.5
CVE-2019-8517 [MEDIUM] CVE-2019-8517: iOS 12.2
Apple Security Update: About the security content of iOS 12.2
Product: iOS
Version: 12.2
CVE: CVE-2019-8517
Component: TrueTypeScaler
Impact: Processing a maliciously crafted font may result in the disclosure of process memory
Description: An out-of-bounds read was addressed with improved bounds checking.
Apple
CVE-2019-8517: macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra
vendor_apple·2019-03-25·CVSS 6.5
CVE-2019-8517 [MEDIUM] CVE-2019-8517: macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra
Apple Security Update: About the security content of macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra
Product: macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra
CVE: CVE-2019-8517
Component: TrueTypeScaler
Impact: Processing a maliciously crafted font may result in the disclosure of process memory
Description: An out-of-bounds read was addressed with improved bounds checking.
GHSA
GHSA-hpwx-x69g-jr6j: An out-of-bounds read was addressed with improved bounds checking
ghsa_unreviewed·2022-05-24
CVE-2019-8517 [MEDIUM] GHSA-hpwx-x69g-jr6j: An out-of-bounds read was addressed with improved bounds checking
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result in the disclosure of process memory.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-12-18
Published