Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2019-8672 — Out-of-bounds Write in Apple Icloud FOR Windows
Severity
8.8HIGHNVD
EPSS
41.7%
top 2.57%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedDec 18
Latest updateMay 24
Description
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Affected Packages17 packages
🔴Vulnerability Details
3GHSA▶
GHSA-96vv-4v74-xc29: Multiple memory corruption issues were addressed with improved memory handling↗2022-05-24
CVEList▶
CVE-2019-8672: Multiple memory corruption issues were addressed with improved memory handling↗2019-12-18
OSV▶
CVE-2019-8672: Multiple memory corruption issues were addressed with improved memory handling↗2019-12-18
💥Exploits & PoCs
1📋Vendor Advisories
10💬Community
1Bugzilla▶
CVE-2019-8672 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution↗2020-09-07