NVD Vulnerability Detail

CVE-2019-8598

Summary	An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to read restricted memory.
Publication Date	Dec. 19, 2019, 3:15 a.m.
Registration Date	Jan. 26, 2021, 11:44 a.m.
Last Update	Nov. 21, 2024, 1:50 p.m.

Affected software configurations

Related information, measures and tools

No	URL	タグ
1	https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite/
2	https://support.apple.com/HT210118	Vendor Advisory
3	https://support.apple.com/HT210119	Vendor Advisory
4	https://support.apple.com/HT210120	Vendor Advisory
5	https://support.apple.com/HT210122	Vendor Advisory
6	https://support.apple.com/HT210124	Vendor Advisory
7	https://support.apple.com/HT210125	Vendor Advisory
8	https://support.apple.com/HT210212	Vendor Advisory
9	https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite/
10	https://support.apple.com/HT210212	Vendor Advisory
11	https://support.apple.com/HT210125	Vendor Advisory
12	https://support.apple.com/HT210124	Vendor Advisory
13	https://support.apple.com/HT210122	Vendor Advisory
14	https://support.apple.com/HT210120	Vendor Advisory
15	https://support.apple.com/HT210119	Vendor Advisory
16	https://support.apple.com/HT210118	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-119	バッファエラー	https://cwe.mitre.org/data/definitions/118.html

JVN Vulnerability Information

複数の Apple 製品における入力検証に関する脆弱性

Title	複数の Apple 製品における入力検証に関する脆弱性
Summary	複数の Apple 製品には、入力確認に関する処理に不備があるため、入力検証に関する脆弱性が存在します。
Possible impacts	悪意のあるアプリケーションを介して、制限されたメモリを読み取られる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	May 13, 2019, midnight
Registration Date	Jan. 6, 2020, 5:51 p.m.
Last Update	Jan. 6, 2020, 5:51 p.m.

Affected System

アップル

Apple Mac OS X 10.14.4

iCloud for Windows 10.4 未満 (Windows 10 18362.145 以降)

iCloud for Windows 7.12 未満 (Windows 7 以降)

iOS 12.3 未満 (iPad Air 以降)

iOS 12.3 未満 (iPhone 5s 以降)

iOS 12.3 未満 (iPod touch 第 6 世代)

iTunes for Windows 12.9.5 未満 (Windows 7 以降)

tvOS 12.3 未満 (Apple TV 4K)

tvOS 12.3 未満 (Apple TV HD)

watchOS 5.2.1 未満 (Apple Watch Series 1 以降)

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2019-8598	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8598
National Vulnerability Database (NVD)
2	CVE-2019-8598	https://nvd.nist.gov/vuln/detail/CVE-2019-8598

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-20	https://jvndb.jvn.jp/ja/cwe/CWE-20.html

ベンダー情報

No	Name	URL
Apple Security Updates
1	HT210118	https://support.apple.com/en-us/HT210118
2	HT210119	https://support.apple.com/en-us/HT210119
3	HT210120	https://support.apple.com/en-us/HT210120
4	HT210122	https://support.apple.com/en-us/HT210122
5	HT210124	https://support.apple.com/en-us/HT210124
6	HT210125	https://support.apple.com/en-us/HT210125
7	HT210212	https://support.apple.com/en-us/HT210212
Apple セキュリティアップデート
8	HT210118	https://support.apple.com/ja-jp/HT210118
9	HT210119	https://support.apple.com/ja-jp/HT210119
10	HT210120	https://support.apple.com/ja-jp/HT210120
11	HT210122	https://support.apple.com/ja-jp/HT210122
12	HT210124	https://support.apple.com/ja-jp/HT210124
13	HT210125	https://support.apple.com/ja-jp/HT210125
14	HT210212	https://support.apple.com/ja-jp/HT210212

その他

Change Log

No	Changed Details	Date of change
1	[2020年01月06日] 掲載	Jan. 6, 2020, 5:51 p.m.