CVE-2019-8696Classic Buffer Overflow in Apple Macos

CWE-120Classic Buffer OverflowCWE-121Stack-based Buffer Overflow11 documents9 sources
Severity
8.8HIGHNVD
EPSS
1.4%
top 19.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Apple MacosApple CupsApple MAC OS X
Timeline
PublishedOct 27
Latest updateMay 24

Description

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

CVEListV5apple/macosunspecified10.14
NVDapple/mac_os_x< 10.14.6
Debianapple/cups< 2.2.12-1+3
Ubuntuapple/cups< 2.1.3-4ubuntu0.10+1

🔴Vulnerability Details

4
GHSA
GHSA-x533-p6vv-fpw5: A buffer overflow issue was addressed with improved memory handling2022-05-24
OSV
CVE-2019-8696: A buffer overflow issue was addressed with improved memory handling2020-10-27
CVEList
CVE-2019-8696: A buffer overflow issue was addressed with improved memory handling2020-10-27
OSV
cups vulnerabilities2019-08-20

📋Vendor Advisories

4
Ubuntu
CUPS vulnerabilities2019-08-20
Red Hat
cups: stack-buffer-overflow in libcups's asn1_get_packed function2019-08-14
Apple
CVE-2019-8696: macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra2019-07-22
Debian
CVE-2019-8696: cups - A buffer overflow issue was addressed with improved memory handling. This issue ...2019

💬Community

2
Bugzilla
CVE-2019-8696 cups: stack-buffer-overflow in libcups's asn1_get_packed function [fedora-all]2019-08-17
Bugzilla
CVE-2019-8696 cups: stack-buffer-overflow in libcups's asn1_get_packed function2019-08-07