CVE-2019-8710 — Out-of-bounds Write in Apple Icloud FOR Windows

CWE-787 — Out-of-bounds Write CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer13 documents8 sources

Severity

8.8HIGHNVD

EPSS

0.5%

top 33.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Icloud FOR Windows Apple Icloud

Timeline

PublishedDec 18

Latest updateMay 24

Description

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5apple/icloud_for_windowsunspecified — iCloud for Windows 11.0

▶NVDapple/icloud< 10.8

🔴Vulnerability Details

GHSA

GHSA-2cfg-h7c9-q2qm: Multiple memory corruption issues were addressed with improved memory handling↗2022-05-24

▶

OSV

CVE-2019-8710: Multiple memory corruption issues were addressed with improved memory handling↗2019-12-18

▶

CVEList

CVE-2019-8710: Multiple memory corruption issues were addressed with improved memory handling↗2019-12-18

▶

📋Vendor Advisories

Red Hat

webkitgtk: Multiple memory corruption issues leading to arbitrary code execution↗2019-11-08

▶

Apple

CVE-2019-8710: iCloud for Windows 10.8↗2019-10-30

▶

Apple

CVE-2019-8710: iTunes 12.10.1 for Windows↗2019-10-07

▶

Apple

CVE-2019-8710: Safari 13.0.1↗2019-09-24

▶

Apple

CVE-2019-8710: iOS 13.1 and iPadOS 13.1↗2019-09-24

▶

💬Community

Bugzilla

CVE-2019-8710 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution↗2020-09-07

▶