CVE-2019-8542Classic Buffer Overflow in Apple Icloud FOR Windows

CWE-120Classic Buffer Overflow9 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.4%
top 42.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
Apple Icloud FOR WindowsApple IOSApple Itunes FOR Windows+7 more
Timeline
PublishedDec 18
Latest updateMay 24

Description

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages12 packages

CVEListV5apple/icloud_for_windowsunspecifiediCloud for Windows 7.11
CVEListV5apple/itunes_for_windowsunspecifiediTunes 12.9.4 for Windows
CVEListV5apple/tvosunspecifiedtvOS 12.2
NVDapple/tvos< 12.2
CVEListV5apple/macosunspecifiedmacOS Mojave 10.14.4

🔴Vulnerability Details

2
GHSA
GHSA-22w7-gmrw-m5qp: A buffer overflow was addressed with improved bounds checking2022-05-24
CVEList
CVE-2019-8542: A buffer overflow was addressed with improved bounds checking2019-12-18

📋Vendor Advisories

6
Apple
CVE-2019-8542: watchOS 5.22019-03-27
Apple
CVE-2019-8542: iTunes 12.9.4 for Windows2019-03-25
Apple
CVE-2019-8542: iCloud for Windows 7.112019-03-25
Apple
CVE-2019-8542: iOS 12.22019-03-25
Apple
CVE-2019-8542: macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra2019-03-25
CVE-2019-8542 — Classic Buffer Overflow in Apple | cvebase