PT-2019-19227 · Apple · Macos Catalina+1

Hjy79425575

Publicado

2019-12-18

Atualizado

2019-12-30

CVE-2019-8801

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions iTunes for Windows versions prior to 12.10.2 macOS Catalina versions prior to 10.15.1

Description A dynamic library loading issue existed in iTunes setup, which could result in arbitrary code execution if the iTunes installer was run in an untrusted directory. This issue was addressed with improved path searching.

Recommendations For iTunes for Windows versions prior to 12.10.2, update to version 12.10.2 or later. For macOS Catalina versions prior to 10.15.1, update to version 10.15.1 or later.

Correção

Untrusted Search Path

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-426

Identificadores relacionados

CVE-2019-8801

Produtos afetados

Itunes

Macos Catalina

PT-2019-19227 · Apple · Macos Catalina+1

CVE-2019-8801

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4