Vulnerability Description
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15, tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing a maliciously crafted text file may lead to arbitrary code execution.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Icloud | < 7.14 |
| Apple | Itunes | < 12.10.1 |
| Apple | Mac Os X | < 10.15 |
| Apple | Tvos | < 13 |
Related Weaknesses (CWE)
References
- https://support.apple.com/HT210634Vendor Advisory
- https://support.apple.com/HT210635Vendor Advisory
- https://support.apple.com/HT210636Vendor Advisory
- https://support.apple.com/HT210637Vendor Advisory
- https://support.apple.com/kb/HT210722
- https://support.apple.com/HT210634Vendor Advisory
- https://support.apple.com/HT210635Vendor Advisory
- https://support.apple.com/HT210636Vendor Advisory
- https://support.apple.com/HT210637Vendor Advisory
- https://support.apple.com/kb/HT210722
FAQ
What is CVE-2019-8745?
CVE-2019-8745 is a vulnerability with a CVSS score of 8.8 (HIGH). A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15, tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Proce...
How severe is CVE-2019-8745?
CVE-2019-8745 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-8745?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Icloud, Apple Itunes, Apple Mac Os X, Apple Tvos.