VAR-202010-0197
Vulnerability from variot - Updated: 2023-12-18 10:55A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3, watchOS 5.3. An application may be able to read restricted memory. plural Apple The product contains a validation vulnerability due to a flawed input sanitization process.Limited memory can be read through the application. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple macOS High Sierra is a dedicated operating system developed for Mac computers. tvOS is a smart TV operating system
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202010-0197",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.3"
},
{
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.13.6"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.14.5"
},
{
"model": "watchos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "5.3"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.14.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "12.3 \u672a\u6e80 (ipad air \u4ee5\u964d)"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.13.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "12.3 \u672a\u6e80 (ipod touch \u7b2c 6 \u4e16\u4ee3)"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "12.3 \u672a\u6e80 (apple tv 4k)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "12.3 \u672a\u6e80 (iphone 5s \u4ee5\u964d)"
},
{
"model": "tvos",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "12.3 \u672a\u6e80 (apple tv hd)"
},
{
"model": "watchos",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "5.3 \u672a\u6e80 (apple watch series 1 \u4ee5\u964d)"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015876"
},
{
"db": "NVD",
"id": "CVE-2019-8633"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.14.5",
"versionStartIncluding": "10.13.6",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.3",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-8633"
}
]
},
"cve": "CVE-2019-8633",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-015876",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-160068",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-8633",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-015876",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-8633",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2019-015876",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202010-1504",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-160068",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-8633",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160068"
},
{
"db": "VULMON",
"id": "CVE-2019-8633"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015876"
},
{
"db": "NVD",
"id": "CVE-2019-8633"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-1504"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3, watchOS 5.3. An application may be able to read restricted memory. plural Apple The product contains a validation vulnerability due to a flawed input sanitization process.Limited memory can be read through the application. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple macOS High Sierra is a dedicated operating system developed for Mac computers. tvOS is a smart TV operating system",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-8633"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015876"
},
{
"db": "VULHUB",
"id": "VHN-160068"
},
{
"db": "VULMON",
"id": "CVE-2019-8633"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-8633",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU93988385",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU93368270",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015876",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202010-1504",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2020-61927",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-160068",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-8633",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160068"
},
{
"db": "VULMON",
"id": "CVE-2019-8633"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015876"
},
{
"db": "NVD",
"id": "CVE-2019-8633"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-1504"
}
]
},
"id": "VAR-202010-0197",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-160068"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T10:55:59.800000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT210118",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht210118"
},
{
"title": "HT210119",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht210119"
},
{
"title": "HT210120",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht210120"
},
{
"title": "HT210353",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht210353"
},
{
"title": "HT210118",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht210118"
},
{
"title": "HT210119",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht210119"
},
{
"title": "HT210120",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht210120"
},
{
"title": "HT210353",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht210353"
},
{
"title": "Multiple Apple Product input verification error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=131782"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015876"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-1504"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160068"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015876"
},
{
"db": "NVD",
"id": "CVE-2019-8633"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.apple.com/en-us/ht210118"
},
{
"trust": 1.8,
"url": "https://support.apple.com/en-us/ht210119"
},
{
"trust": 1.8,
"url": "https://support.apple.com/en-us/ht210120"
},
{
"trust": 1.8,
"url": "https://support.apple.com/en-us/ht210353"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8633"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8633"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93988385/index.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu93368270/index.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160068"
},
{
"db": "VULMON",
"id": "CVE-2019-8633"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015876"
},
{
"db": "NVD",
"id": "CVE-2019-8633"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-1504"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-160068"
},
{
"db": "VULMON",
"id": "CVE-2019-8633"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-015876"
},
{
"db": "NVD",
"id": "CVE-2019-8633"
},
{
"db": "CNNVD",
"id": "CNNVD-202010-1504"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-27T00:00:00",
"db": "VULHUB",
"id": "VHN-160068"
},
{
"date": "2020-10-27T00:00:00",
"db": "VULMON",
"id": "CVE-2019-8633"
},
{
"date": "2021-01-28T05:11:34",
"db": "JVNDB",
"id": "JVNDB-2019-015876"
},
{
"date": "2020-10-27T20:15:16.313000",
"db": "NVD",
"id": "CVE-2019-8633"
},
{
"date": "2020-10-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202010-1504"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-28T00:00:00",
"db": "VULHUB",
"id": "VHN-160068"
},
{
"date": "2020-10-28T00:00:00",
"db": "VULMON",
"id": "CVE-2019-8633"
},
{
"date": "2021-01-28T05:11:34",
"db": "JVNDB",
"id": "JVNDB-2019-015876"
},
{
"date": "2020-10-28T16:11:01.030000",
"db": "NVD",
"id": "CVE-2019-8633"
},
{
"date": "2021-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202010-1504"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202010-1504"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Apple Product validation vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-015876"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202010-1504"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…