A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3, watchOS 5.3. An application may be able to read restricted memory.
CVE Status: Modified
Attribute | Value |
---|---|
Attack Complexity | LOW |
Attack Vector | NETWORK |
Availability Impact | NONE |
Base Score | 7.5 |
Base Severity | HIGH |
Confidentiality Impact | HIGH |
Integrity Impact | NONE |
Privileges Required | NONE |
Scope | UNCHANGED |
User Interaction | NONE |
Vector String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Exploitability Score | 3.9 |
Impact Score | 3.6 |
Source | [email protected] |
Type | Primary |