cbcvebase.
CVE-2019-8535
published 2019-12-18

CVE-2019-8535: A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows…

high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

Affected

19 ranges
VendorProductVersion rangeFixed in
appleicloud< 7.117.11
appleicloud_for_windows
appleicloud_for_windows>= unspecified < iCloud for Windows 7.11iCloud for Windows 7.11
appleios
appleios>= unspecified < iOS 12.2iOS 12.2
appleiphone_os< 12.212.2
appleitunes< 12.9.412.9.4
appleitunes_12.9.4_for_windows
appleitunes_for_windows>= unspecified < iTunes 12.9.4 for WindowsiTunes 12.9.4 for Windows
applesafari< 12.112.1
applesafari
applesafari>= unspecified < Safari 12.1Safari 12.1
appletvos< 12.212.2
appletvos
appletvos>= unspecified < tvOS 12.2tvOS 12.2
debianwebkit2gtk< webkit2gtk 2.24.1-1 (bookworm)webkit2gtk 2.24.1-1 (bookworm)
redhatenterprise_linux_desktop
redhatenterprise_linux_server
redhatenterprise_linux_workstation

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
osv8.8HIGH