PT-2020-11279 · Apple · Apple Macos

Maya Sigal

Published

2020-10-27

Updated

2020-11-02

CVE-2019-8642

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions macOS versions prior to 10.14.4 Security Update versions prior to 2019-002 for High Sierra and Sierra

Description An issue existed in the handling of S-MIME certificates, which has been addressed with improved validation. Processing a maliciously crafted mail message may lead to S/MIME signature spoofing.

Recommendations For macOS versions prior to 10.14.4, update to macOS Mojave 10.14.4 or later. For High Sierra and Sierra, apply Security Update 2019-002 or later.

Fix

Improper Certificate Validation

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-295

Related Identifiers

CVE-2019-8642

Affected Products

Apple Macos

PT-2020-11279 · Apple · Apple Macos

CVE-2019-8642

Weakness Enumeration

Related Identifiers

Affected Products

References · 3