CVE-2019-8597

MEDIUM

Apple Icloud < 7.12 - Out-of-Bounds Write

Title source: rule

Description

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.

References (7)

Core 7

Core References

Vendor Advisory x_refsource_misc

https://support.apple.com/HT210118

Vendor Advisory x_refsource_misc

https://support.apple.com/HT210119

Vendor Advisory x_refsource_misc

https://support.apple.com/HT210120

Vendor Advisory x_refsource_misc

https://support.apple.com/HT210123

Vendor Advisory x_refsource_misc

https://support.apple.com/HT210124

Vendor Advisory x_refsource_misc

https://support.apple.com/HT210125

Vendor Advisory x_refsource_misc

https://support.apple.com/HT210212

Scores

CVSS v3 6.5

EPSS 0.0073

EPSS Percentile 72.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE

CWE-843 CWE-787

Status published

Products (7)

apple/icloud < 7.12

apple/iphone_os < 12.3

apple/itunes < 12.9.5

apple/mac_os_x < 10.14.5

apple/safari < 12.1.1

apple/tvos < 12.3

apple/watchos < 5.1.1

Published Dec 18, 2019

Tracked Since Feb 18, 2026