NVD Vulnerability Detail

CVE-2019-8751

Summary	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.
Publication Date	Oct. 28, 2020, 5:15 a.m.
Registration Date	Jan. 26, 2021, 11:44 a.m.
Last Update	Nov. 21, 2024, 1:50 p.m.

Affected software configurations

Related information, measures and tools

No	URL	タグ
1	https://support.apple.com/en-us/HT210603	Vendor Advisory
2	https://support.apple.com/en-us/HT210604	Vendor Advisory
3	https://support.apple.com/en-us/HT210605	Vendor Advisory
4	https://support.apple.com/en-us/HT210607	Vendor Advisory
5	https://support.apple.com/en-us/HT210635	Vendor Advisory
6	https://support.apple.com/en-us/HT210636	Vendor Advisory
7	https://support.apple.com/en-us/HT210637	Vendor Advisory
8	https://support.apple.com/en-us/HT210603	Vendor Advisory
9	https://support.apple.com/en-us/HT210637	Vendor Advisory
10	https://support.apple.com/en-us/HT210636	Vendor Advisory
11	https://support.apple.com/en-us/HT210635	Vendor Advisory
12	https://support.apple.com/en-us/HT210607	Vendor Advisory
13	https://support.apple.com/en-us/HT210605	Vendor Advisory
14	https://support.apple.com/en-us/HT210604	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-787	境界外書き込み	https://cwe.mitre.org/data/definitions/787.html

JVN Vulnerability Information

複数の Apple 製品における複数のメモリ破損の脆弱性

Title	複数の Apple 製品における複数のメモリ破損の脆弱性
Summary	複数の Apple 製品には、メモリ処理に不備があるため、複数のメモリ破損の脆弱性が存在します。
Possible impacts	悪意を持って作成された Web コンテンツの処理を介して、任意のコードを実行される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Sept. 19, 2019, midnight
Registration Date	Feb. 17, 2021, 4:47 p.m.
Last Update	Feb. 17, 2021, 4:47 p.m.

Affected System

アップル

iCloud for Windows 10.7 未満 (Microsoft Store から入手した Windows 10 以降)

iCloud for Windows 7.14 未満 (Windows 7 以降)

iOS 13.1 未満 (iPhone 6s 以降)

iOS 13.1 未満 (iPod touch 第 7 世代)

iPadOS 13.1 未満 (iPad Air 2 以降)

iPadOS 13.1 未満 (iPad mini 4以降)

iTunes for Windows 12.10.1 未満 (Windows 7 以降)

Safari 13.0.1 未満 (macOS High Sierra 10.13.6)

Safari 13.0.1 未満 (macOS Mojave 10.14.6)

tvOS 13 未満 (Apple TV 4K)

tvOS 13 未満 (Apple TV HD)

watchOS 6 未満 (Apple Watch Series 3 以降)

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2019-8751	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8751
National Vulnerability Database (NVD)
2	CVE-2019-8751	https://nvd.nist.gov/vuln/detail/CVE-2019-8751

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-noinfo	https://www.ipa.go.jp/security/vuln/CWE.html#CWEnoinfo

ベンダー情報

No	Name	URL
Apple Security Updates
1	HT210603	https://support.apple.com/en-us/HT210603
2	HT210604	https://support.apple.com/en-us/HT210604
3	HT210605	https://support.apple.com/en-us/HT210605
4	HT210607	https://support.apple.com/en-us/HT210607
5	HT210635	https://support.apple.com/en-us/HT210635
6	HT210636	https://support.apple.com/en-us/HT210636
7	HT210637	https://support.apple.com/en-us/HT210637
Apple セキュリティアップデート
8	HT210603	https://support.apple.com/ja-jp/HT210603
9	HT210604	https://support.apple.com/ja-jp/HT210604
10	HT210605	https://support.apple.com/ja-jp/HT210605
11	HT210607	https://support.apple.com/ja-jp/HT210607
12	HT210635	https://support.apple.com/ja-jp/HT210635
13	HT210636	https://support.apple.com/ja-jp/HT210636
14	HT210637	https://support.apple.com/ja-jp/HT210637

その他

No	Name	URL
JVN
1	JVNVU#90484857	http://jvn.jp/vu/JVNVU90484857/index.html
2	JVNVU#98778455	http://jvn.jp/vu/JVNVU98778455/index.html

Change Log

No	Changed Details	Date of change
1	[2021年02月17日] 掲載	Feb. 17, 2021, 4:47 p.m.