CVE-2019-8830: An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update…

high8.8CVSS 3.1

AVNACLPRNUIRSUCHIHAH

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iOS 12.4.4, watchOS 5.3.4. Processing malicious video via FaceTime may lead to arbitrary code execution.

Affected

19 ranges

Vendor	Product	Version range	Fixed in
apple	apple_support	—	—
apple	ios	—	—
apple	ios	>= unspecified < 12.4	12.4
apple	ios_13.3_and_ipados	—	—
apple	ios_and_ipados	>= unspecified < 13.3	13.3
apple	ipados	< 13.3	13.3
apple	iphone_os	< 13.3	13.3
apple	iphone_os	>= 12.0.0 < 12.4.4	12.4.4
apple	mac_os_x	< 10.15.2	10.15.2
apple	macos	>= unspecified < 10.15	10.15
apple	macos	>= unspecified < 6.1	6.1
apple	macos	>= unspecified < 13.3	13.3
apple	macos	>= unspecified < 5.3	5.3
apple	macos_catalina_10.15.2_security_update_2019-002_mojave_security_update_2019-007	—	—
apple	tvos	< 13.3	13.3
apple	tvos	—	—
apple	watchos	< 5.3.4	5.3.4
apple	watchos	—	—
apple	watchos	>= 6.0.0 < 6.1.1	6.1.1