← Retour aux CVEs
CVE-2019-8789
MEDIUM5.5
Description
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Parsing a maliciously crafted iBooks file may lead to disclosure of user information.
Details CVE
Score CVSS v3.15.5
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurREQUIRED
Publie12/18/2019
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
apple:ipadosapple:iphone_osapple:mac_os_x
Faiblesses (CWE)
CWE-59
References
https://support.apple.com/HT210721(product-security@apple.com)
https://support.apple.com/HT210722(product-security@apple.com)
https://support.apple.com/HT210721(af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/HT210722(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.