CVE-2019-8542: Buffer Overflow
First published: Mon Mar 25 2019(Updated: )
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges.
Credit: an anonymous researcher an anonymous researcher an anonymous researcher an anonymous researcher an anonymous researcher an anonymous researcher product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iCloud for Windows | <7.11 | 7.11 |
| Apple iTunes for Windows | <12.9.4 | 12.9.4 |
| Apple macOS Mojave | <10.14.4 | 10.14.4 |
| Apple High Sierra | ||
| Apple Sierra | ||
| Apple watchOS | <5.2 | 5.2 |
| Apple tvOS | <12.2 | 12.2 |
| Apple iOS | <12.2 | 12.2 |
| Apple Icloud Windows | <7.11 | |
| Apple Itunes Windows | <12.9.4 | |
| Apple iPhone OS | <12.2 | |
| Apple Mac OS X | <10.14.4 | |
| Apple tvOS | <12.2 | |
| Apple watchOS | <5.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT209599 (Advisory)
- https://support.apple.com/en-us/HT209600 (Advisory)
- https://support.apple.com/en-us/HT209601 (Advisory)
- https://support.apple.com/en-us/HT209602 (Advisory)
- https://support.apple.com/en-us/HT209604 (Advisory)
- https://support.apple.com/en-us/HT209605 (Advisory)
- https://support.apple.com/HT209599
- https://support.apple.com/HT209600
- https://support.apple.com/HT209601
- https://support.apple.com/HT209602
- https://support.apple.com/HT209604
- https://support.apple.com/HT209605
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2019-8542
- CVE-2019-6232
- CVE-2019-6201
- CVE-2019-8518
- CVE-2019-8523
- CVE-2019-8524
- CVE-2019-8558
- CVE-2019-8559
- CVE-2019-8563
- CVE-2019-8638
- CVE-2019-8639
- CVE-2019-8506
- CVE-2019-8535
- CVE-2019-8515
- CVE-2019-8536
- CVE-2019-8544
- CVE-2019-7285
- CVE-2019-8556
- CVE-2019-8503
- CVE-2019-7292
- CVE-2019-8551
- CVE-2019-6236
- CVE-2019-8562
- CVE-2019-6203
- CVE-2019-8531
- CVE-2019-8538
- CVE-2019-8534
- CVE-2019-8555
- CVE-2019-6239
- CVE-2019-8516
- CVE-2019-8552
- CVE-2019-8511
- CVE-2019-8522
- CVE-2019-8550
- CVE-2019-8777
- CVE-2019-8565
- CVE-2019-8521
- CVE-2019-8906
- CVE-2019-8519
- CVE-2019-8533
- CVE-2019-8545
- CVE-2019-8504
- CVE-2019-8529
- CVE-2018-4448
- CVE-2019-5608
- CVE-2019-8527
- CVE-2019-8528
- CVE-2019-8508
- CVE-2019-8514
- CVE-2019-8540
- CVE-2019-7293
- CVE-2019-6207
- CVE-2019-8510
- CVE-2019-8547
- CVE-2019-8525
- CVE-2018-4433
- CVE-2019-8642
- CVE-2019-8645
- CVE-2019-8546
- CVE-2019-8579
- CVE-2019-8537
- CVE-2019-8561
- CVE-2018-12015
- CVE-2018-18311
- CVE-2018-18313
- CVE-2019-8549
- CVE-2019-8507
- CVE-2019-8618
- CVE-2019-8526
- CVE-2019-8520
- CVE-2019-8502
- CVE-2019-8513
- CVE-2019-8569
- CVE-2019-8517
- CVE-2019-8564
- CVE-2019-8612
- CVE-2019-8567
- CVE-2019-6238
- CVE-2019-8530
- CVE-2019-7286
- CVE-2019-8553
- CVE-2019-8532
- CVE-2019-8548
- CVE-2019-8541
- CVE-2019-8512
- CVE-2019-7284
- CVE-2019-8566
- CVE-2019-8554
- CVE-2019-6204
- CVE-2019-8505
- CVE-2019-6222
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-8542.
What is the description of the vulnerability?
A buffer overflow was addressed with improved bounds checking. A malicious application may be able to elevate privileges.
What is the severity of CVE-2019-8542?
The severity of CVE-2019-8542 is high.
Which Apple products are affected by this vulnerability?
iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, and iCloud for Windows 7.11 are affected by this vulnerability.
How do I fix CVE-2019-8542?
To fix CVE-2019-8542, update your software to iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, or iCloud for Windows 7.11.
- collector/apple-support
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/software-canonical-lookup-request
- agent/references
- agent/event
- agent/weakness
- agent/severity
- agent/author
- agent/description
- collector/nvd-index
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple icloud for windows
- canonical/apple itunes for windows
- canonical/apple macos mojave
- canonical/apple high sierra
- canonical/apple sierra
- canonical/apple watchos
- canonical/apple tvos
- canonical/apple ios
- canonical/apple icloud windows
- canonical/apple itunes windows
- canonical/apple iphone os
- canonical/apple mac os x