A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Parsing a maliciously crafted iBooks file may lead to disclosure of user information.
References
Link | Resource |
---|---|
https://support.apple.com/HT210721 | Vendor Advisory |
https://support.apple.com/HT210722 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2019-12-18 18:15
Updated : 2024-02-28 17:28
NVD link : CVE-2019-8789
Mitre link : CVE-2019-8789
CVE.ORG link : CVE-2019-8789
JSON object : View
Products Affected
apple
- mac_os_x
- iphone_os
- ipados
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')