CyberSec.Space Logo
返回 CVE 浏览器

CVE-2019-8600

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0310%
EPSS Percentile11.95th
Published2019年12月18日
Last Modified2024年11月21日

Vulnerability Description

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A maliciously crafted SQL query may lead to arbitrary code execution.

Affected Platforms (CPE)

📦
Apple

Icloud

< 7.12
📦
Apple

Icloud

>= 10.0 and <= 10.4
📦
Apple

Itunes

< 12.9.5
💻
Apple

Iphone Os

< 12.3
💻
Apple

Mac Os X

< 10.14.5
💻
Apple

Tvos

< 12.3
💻
Apple

Watchos

< 5.2.1

References & Advisories

🔗 https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite/
🔗 https://support.apple.com/HT210118
🔗 https://support.apple.com/HT210119
🔗 https://support.apple.com/HT210120
🔗 https://support.apple.com/HT210122
🔗 https://support.apple.com/HT210124
🔗 https://support.apple.com/HT210125
🔗 https://support.apple.com/HT210212

相关漏洞威胁

CVE-2019-87509.8

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in watchOS 6.1, iCloud for Wi...

CVE-2019-87469.8

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud fo...

CVE-2018-41479.8

In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory c...

CVE-2019-87499.8

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS ...