nvd-json-data-feeds/CVE-2019/CVE-2019-87xx/CVE-2019-8745.json

{
  "id": "CVE-2019-8745",
  "sourceIdentifier": "product-security@apple.com",
  "published": "2019-12-18T18:15:38.443",
  "lastModified": "2020-08-24T17:37:01.140",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15, tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing a maliciously crafted text file may lead to arbitrary code execution."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento del b\u00fafer fue abordado mejorando la comprobaci\u00f3n de l\u00edmites. Este problema es corregido en macOS Catalina versi\u00f3n 10.15, tvOS versi\u00f3n 13, iTunes para Windows versi\u00f3n 12.10.1, iCloud para Windows versi\u00f3n 10.7, iCloud para Windows versi\u00f3n 7.14. El procesamiento de un archivo de texto dise\u00f1ado maliciosamente puede conllevar a una ejecuci\u00f3n de c\u00f3digo arbitrario."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*",
              "versionEndExcluding": "7.14",
              "matchCriteriaId": "CD51BEFE-B28D-412A-996D-ADA104E4EC17"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*",
              "versionStartIncluding": "10.0",
              "versionEndExcluding": "10.7",
              "matchCriteriaId": "3AB3D55F-1566-4705-98C9-6D56F8F156F0"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*",
              "versionEndExcluding": "12.10.1",
              "matchCriteriaId": "397F21E9-3B36-49AE-92E3-B5B1FC7773D1"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "10.15",
              "matchCriteriaId": "E28B89FF-E2E1-498A-AF43-C8DE5DA352CD"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "13",
              "matchCriteriaId": "E6FCD7CE-EC26-4952-A34D-2221AA4F223B"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://support.apple.com/HT210634",
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://support.apple.com/HT210635",
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://support.apple.com/HT210636",
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://support.apple.com/HT210637",
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://support.apple.com/kb/HT210722",
      "source": "product-security@apple.com"
    }
  ]
}