CVE-2019-8506

HIGHCISA KEV

8.8

Description

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

Details CVE

Score CVSS v3.18.8

SeveriteHIGH

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurREQUIRED

Publie12/18/2019

Derniere modification10/23/2025

Sourcekev

Observations honeypot0

CISA KEV

FournisseurApple

ProduitMultiple Products

Nom vulnerabiliteApple Multiple Products Type Confusion Vulnerability

Date ajout KEV2022-05-04

Date limite remediation2022-05-25

Utilise dans ransomwareUnknown

Produits affectes

apple:icloudapple:iphone_osapple:itunesapple:safariapple:tvosapple:watchosredhat:enterprise_linux_desktopredhat:enterprise_linux_serverredhat:enterprise_linux_workstation