Buffer overflow - CVE-2019-8835

 

Buffer overflow - CVE-2019-8835

Published: October 27, 2020 / Updated: November 1, 2020


Vulnerability identifier: #VU48062
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2019-8835
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor:
Affected software:

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.


How to mitigate CVE-2019-8835

Install update from vendor's website.

Sources