CVE-2019-8705
First published: Thu Sep 19 2019(Updated: )
CoreAudio. A memory corruption issue was addressed with improved validation.
Credit: riusksk VulWar Corp working with Trend Microriusksk VulWar Corp working with Trend Microriusksk VulWar Corp working with Trend Microriusksk VulWar Corp working with Trend Microriusksk VulWar Corp working with Trend Micro product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iOS | <13 | 13 |
| Apple Mac OS X | <10.15 | |
| Apple tvOS | <13 | |
| Apple tvOS | <13 | 13 |
| Apple watchOS | <6 | 6 |
| Apple macOS Catalina | <10.15 | 10.15 |
| Apple macOS Catalina | <10.15.1 | 10.15.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT210604 (Advisory)
- https://support.apple.com/en-us/HT210606 (Advisory)
- https://support.apple.com/en-us/HT210607 (Advisory)
- https://support.apple.com/en-us/HT210634 (Advisory)
- https://support.apple.com/en-us/HT210722 (Advisory)
- https://support.apple.com/HT210634
- https://support.apple.com/kb/HT210722
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2019-8748
- CVE-2019-11041
- CVE-2019-11042
- CVE-2019-8706
- CVE-2019-8850
- CVE-2019-8774
- CVE-2019-8753
- CVE-2019-8705
- CVE-2019-8592
- CVE-2019-8741
- CVE-2019-8825
- CVE-2019-8757
- CVE-2019-8736
- CVE-2019-8767
- CVE-2019-8737
- CVE-2019-8776
- CVE-2019-8509
- CVE-2019-8746
- CVE-2018-12152
- CVE-2018-12153
- CVE-2018-12154
- CVE-2019-8759
- CVE-2019-8758
- CVE-2019-8755
- CVE-2019-8703
- CVE-2019-8809
- CVE-2019-8744
- CVE-2019-8717
- CVE-2019-8709
- CVE-2019-8781
- CVE-2019-8749
- CVE-2019-8756
- CVE-2019-8750
- CVE-2019-8799
- CVE-2019-8826
- CVE-2019-8730
- CVE-2019-8772
- CVE-2019-8708
- CVE-2019-8715
- CVE-2019-8855
- CVE-2019-8770
- CVE-2019-8701
- CVE-2019-8761
- CVE-2019-8745
- CVE-2019-8831
- CVE-2019-8769
- CVE-2019-8768
- CVE-2019-8854
- CVE-2019-8787
- CVE-2019-8796
- CVE-2019-8824
- CVE-2019-8803
- CVE-2019-8817
- CVE-2019-8716
- CVE-2019-8788
- CVE-2019-8785
- CVE-2019-8797
- CVE-2019-8789
- CVE-2017-7152
- CVE-2019-8798
- CVE-2019-8784
- CVE-2019-8807
- CVE-2019-8801
- CVE-2019-8794
- CVE-2019-8786
- CVE-2019-8829
- CVE-2019-8802
- CVE-2019-8858
- CVE-2019-8805
- CVE-2019-8754
- CVE-2019-15126
- CVE-2019-8718
- CVE-2019-8740
- CVE-2019-8712
- CVE-2019-8710
- CVE-2019-8728
- CVE-2019-8734
- CVE-2019-8751
- CVE-2019-8752
- CVE-2019-8773
- CVE-2019-8747
- CVE-2019-8780
- CVE-2019-8704
- CVE-2019-8625
- CVE-2019-8719
- CVE-2019-8764
- CVE-2019-8707
- CVE-2019-8726
- CVE-2019-8733
- CVE-2019-8735
- CVE-2019-8743
- CVE-2019-8763
- CVE-2019-8765
- CVE-2019-8766
- CVE-2019-8762
- CVE-2020-9932
- CVE-2019-8711
- CVE-2019-8732
- CVE-2019-8760
- CVE-2019-8641
- CVE-2019-8742
- CVE-2019-8731
- CVE-2019-8727
- CVE-2019-8771
- CVE-2019-8674
Frequently Asked Questions
What is CVE-2019-8705?
CVE-2019-8705 is a memory corruption vulnerability in CoreAudio that allows a maliciously crafted movie to disclose process memory in macOS Catalina 10.15 and tvOS 13.
What is the severity of CVE-2019-8705?
The severity of CVE-2019-8705 is medium with a severity value of 5.5.
Which Apple products are affected by CVE-2019-8705?
Apple watchOS (up to version 6), macOS Catalina (up to version 10.15), iOS (up to version 13), Apple Mac OS X (up to version 10.15), and Apple tvOS (up to version 13) are affected by CVE-2019-8705.
How can I fix CVE-2019-8705?
To fix CVE-2019-8705, update to macOS Catalina 10.15, tvOS 13, or the latest available version of the affected products.
Where can I find more information about CVE-2019-8705?
You can find more information about CVE-2019-8705 on the Apple support page: [link](https://support.apple.com/en-us/HT210722)
- collector/apple-support
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- agent/trending
- vendor/apple
- canonical/apple macos catalina
- canonical/apple watchos
- canonical/apple tvos
- canonical/apple mac os x
- canonical/apple ios