CVE-2019-8685high
Description
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
References
https://support.apple.com/HT210348
https://support.apple.com/HT210351
https://support.apple.com/HT210358
https://support.apple.com/HT210346
https://support.apple.com/HT210357
https://support.apple.com/HT210356
Details
Source: MITRE
Published: 2019-12-18
Updated: 2021-07-21
Type: CWE-119
Risk Information
CVSS v2
Base Score: 9.3
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 8.6
Severity: HIGH
CVSS v3
Base Score: 8.8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 2.8
Severity: HIGH