mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
79 lines
2.8 KiB
JSON
79 lines
2.8 KiB
JSON
{
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2019-8801",
|
|
"ASSIGNER": "product-security@apple.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Apple",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "macOS",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "<",
|
|
"version_value": "macOS Catalina 10.15.1"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"product_name": "iTunes for Windows",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "<",
|
|
"version_value": "iTunes for Windows 12.10.2"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Running the iTunes installer in an untrusted directory may result in arbitrary code execution"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://support.apple.com/HT210722",
|
|
"refsource": "MISC",
|
|
"name": "https://support.apple.com/HT210722"
|
|
},
|
|
{
|
|
"url": "https://support.apple.com/HT210726",
|
|
"refsource": "MISC",
|
|
"name": "https://support.apple.com/HT210726"
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution."
|
|
}
|
|
]
|
|
}
|
|
} |