CVE-2019-8787Out-of-bounds Read in Apple Macos

CWE-125Out-of-bounds Read8 documents5 sources
Severity
7.5HIGHNVD
EPSS
0.7%
top 28.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Apple IOSApple MacosApple Tvos+4 more
Timeline
PublishedDec 18
Latest updateMay 24

Description

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A remote attacker may be able to leak memory.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages9 packages

CVEListV5apple/tvosunspecifiedtvOS 13.2
NVDapple/tvos< 13.2
CVEListV5apple/macosunspecifiedmacOS Catalina 10.15.1
CVEListV5apple/watchosunspecifiedwatchOS 6.1
NVDapple/watchos< 6.1

🔴Vulnerability Details

2
GHSA
GHSA-vh75-x3f9-hw2x: An out-of-bounds read was addressed with improved input validation2022-05-24
CVEList
CVE-2019-8787: An out-of-bounds read was addressed with improved input validation2019-12-18

📋Vendor Advisories

4
Apple
CVE-2019-8787: macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-0062019-10-29
Apple
CVE-2019-8787: watchOS 6.12019-10-29
Apple
CVE-2019-8787: iOS 13.2 and iPadOS 13.22019-10-28
Apple
CVE-2019-8787: tvOS 13.22019-10-28

💬Community

1
Bugzilla
CVE-2018-8787 freerdp: Integer overflow leading to heap-based buffer overflow in gdi_Bitmap_Decompress() function2019-01-31
CVE-2019-8787 — Out-of-bounds Read in Apple Macos | cvebase