5.5

CVE-2019-8744

A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. A malicious application may be able to determine kernel memory layout.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleiPhone OS Version < 13.1
ApplemacOS X Version < 10.15
AppletvOS Version < 13
ApplewatchOS Version < 6.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.89% 0.546
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://support.apple.com/en-us/HT210634
Vendor Advisory
https://support.apple.com/en-us/HT210722
Vendor Advisory
https://support.apple.com/en-us/HT210604
Vendor Advisory
https://support.apple.com/en-us/HT210606
Vendor Advisory
https://support.apple.com/en-us/HT210607
Vendor Advisory