CVE-2019-8830

Summary

An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iOS 12.4.4, watchOS 5.3.4. Processing malicious video via FaceTime may lead to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AppleiOS and iPadOSunspecified < 13.3affected
AppleiOSunspecified < 12.4affected
ApplemacOSunspecified < 10.15affected
ApplemacOSunspecified < 6.1affected
ApplemacOSunspecified < 13.3affected
ApplemacOSunspecified < 5.3affected

Weaknesses

  • Processing malicious video via FaceTime may lead to arbitrary code execution

ADP Enrichment

CVE Program Container

Additional References

References