{"containers": {"cna": {"affected": [{"product": "tvOS", "vendor": "Apple", "versions": [{"lessThan": "tvOS 13", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "iTunes for Windows", "vendor": "Apple", "versions": [{"lessThan": "iTunes for Windows 12.10.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "iCloud for Windows", "vendor": "Apple", "versions": [{"lessThan": "iCloud for Windows 10.7", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "iCloud for Windows (Legacy)", "vendor": "Apple", "versions": [{"lessThan": "iCloud for Windows 7.14", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution."}], "problemTypes": [{"descriptions": [{"description": "Processing maliciously crafted web content may lead to arbitrary code execution", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-03-15T06:06:14", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/HT210635"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/HT210636"}, {"tags": ["x_refsource_MISC"], "url": "https://support.apple.com/HT210637"}, {"name": "GLSA-202003-22", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202003-22"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2019-8733", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "tvOS", "version": {"version_data": [{"version_affected": "<", "version_value": "tvOS 13"}]}}, {"product_name": "iTunes for Windows", "version": {"version_data": [{"version_affected": "<", "version_value": "iTunes for Windows 12.10.1"}]}}, {"product_name": "iCloud for Windows", "version": {"version_data": [{"version_affected": "<", "version_value": "iCloud for Windows 10.7"}]}}, {"product_name": "iCloud for Windows (Legacy)", "version": {"version_data": [{"version_affected": "<", "version_value": "iCloud for Windows 7.14"}]}}]}, "vendor_name": "Apple"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Processing maliciously crafted web content may lead to arbitrary code execution"}]}]}, "references": {"reference_data": [{"name": "https://support.apple.com/HT210635", "refsource": "MISC", "url": "https://support.apple.com/HT210635"}, {"name": "https://support.apple.com/HT210636", "refsource": "MISC", "url": "https://support.apple.com/HT210636"}, {"name": "https://support.apple.com/HT210637", "refsource": "MISC", "url": "https://support.apple.com/HT210637"}, {"name": "GLSA-202003-22", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-22"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T21:24:29.706Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/HT210635"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/HT210636"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.apple.com/HT210637"}, {"name": "GLSA-202003-22", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202003-22"}]}]}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2019-8733", "datePublished": "2019-12-18T17:33:23", "dateReserved": "2019-02-18T00:00:00", "dateUpdated": "2024-08-04T21:24:29.706Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*", "matchCriteriaId": "CD51BEFE-B28D-412A-996D-ADA104E4EC17", "versionEndExcluding": "7.14", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*", "matchCriteriaId": "3AB3D55F-1566-4705-98C9-6D56F8F156F0", "versionEndExcluding": "10.7", "versionStartIncluding": "10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*", "matchCriteriaId": "397F21E9-3B36-49AE-92E3-B5B1FC7773D1", "versionEndExcluding": "12.10.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "E6FCD7CE-EC26-4952-A34D-2221AA4F223B", "versionEndExcluding": "13", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution."}, {"lang": "es", "value": "M\u00faltiples problemas de corrupci\u00f3n de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en tvOS versi\u00f3n 13, iTunes para Windows versi\u00f3n 12.10.1, iCloud para Windows versi\u00f3n 10.7, iCloud para Windows versi\u00f3n 7.14. El procesamiento de contenido web dise\u00f1ado maliciosamente puede conllevar a una ejecuci\u00f3n de c\u00f3digo arbitrario."}], "id": "CVE-2019-8733", "lastModified": "2021-11-30T21:01:44.827", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-12-18T18:15:37.740", "references": [{"source": "product-security@apple.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202003-22"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/HT210635"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/HT210636"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/HT210637"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2020:4035", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "webkitgtk4-0:2.28.2-2.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-09-29T00:00:00Z"}, {"advisory": "RHEA-2019:4262", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "webkit2gtk3-0:2.24.4-2.el8_1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2019-12-17T00:00:00Z"}], "bugzilla": {"description": "webkitgtk: Multiple memory corruption issues leading to arbitrary code execution", "id": "1876613", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1876613"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "details": ["Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to arbitrary code execution."], "name": "CVE-2019-8733", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "webkitgtk", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "webkitgtk3", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2019-10-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-8733\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-8733\nhttps://webkitgtk.org/security/WSA-2019-0005.html"], "threat_severity": "Moderate", "upstream_fix": "webkitgtk 2.24.4"}