CVE-2019-8506

HIGHCISA KEV

8.8

Descripcion

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

Detalles CVE

Puntuacion CVSS v3.18.8

SeveridadHIGH

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioREQUIRED

Publicado12/18/2019

Ultima modificacion10/23/2025

Fuentekev

Avistamientos honeypot0

CISA KEV

VendedorApple

ProductoMultiple Products

Nombre vulnerabilidadApple Multiple Products Type Confusion Vulnerability

Fecha inclusion KEV2022-05-04

Fecha limite remediacion2022-05-25

Uso en ransomwareUnknown

Productos afectados

apple:icloudapple:iphone_osapple:itunesapple:safariapple:tvosapple:watchosredhat:enterprise_linux_desktopredhat:enterprise_linux_serverredhat:enterprise_linux_workstation