CVE-2019-8826
published 2020-10-27CVE-2019-8826: A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15. Processing maliciously crafted web content…
PriorityP347high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
1.05%
59.9th percentile
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15. Processing maliciously crafted web content may lead to arbitrary code execution.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | < 10.15 | 10.15 |
| apple | macos | >= unspecified < 10.15 | 10.15 |
| apple | macos_catalina | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Apple
CVE-2019-8826: macOS Catalina 10.15
vendor_apple·2019-10-07·CVSS 8.8
CVE-2019-8826 [HIGH] CVE-2019-8826: macOS Catalina 10.15
Apple Security Update: About the security content of macOS Catalina 10.15
Product: macOS Catalina
Version: 10.15
CVE: CVE-2019-8826
Component: Menus
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved state management.
GHSA
GHSA-x6c3-g59x-84cr: A memory corruption issue was addressed with improved state management
ghsa_unreviewed·2022-05-24
CVE-2019-8826 [HIGH] CWE-119 GHSA-x6c3-g59x-84cr: A memory corruption issue was addressed with improved state management
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15. Processing maliciously crafted web content may lead to arbitrary code execution.
Suricata
GPL NETBIOS DCERPC Messenger Service buffer overflow attempt
suricata·2010-09-23
CVE-2003-0717 GPL NETBIOS DCERPC Messenger Service buffer overflow attempt
GPL NETBIOS DCERPC Messenger Service buffer overflow attempt
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET 135 (msg:"GPL NETBIOS DCERPC Messenger Service buffer overflow attempt"; content:"|04 00|"; depth:2; byte_test:1,>,15,2,relative; byte_jump:4,86,little,align,relative; byte_jump:4,8,little,align,relative; byte_test:4,>,1024,0,little,relative; reference:bugtraq,8826; reference:cve,2003-0717; reference:nessus,11888; reference:nessus,11890; reference:url,www.microsoft.com/technet/security/bulletin/MS03-043.mspx; classtype:attempted-admin; sid:2102257; rev:10; metadata:created_at 2010_09_23, cve CVE_2003_0717, confidence High, signature_severity Informational, updated_at 2019_07_26;)
No public exploits indexed.
No writeups or analysis indexed.
2020-10-27
Published