exploitDog

CVE-2019-6232

Опубликовано: 18 дек. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 7.6

EPSS Низкий

Описание

A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes installer in an untrusted directory may result in arbitrary code execution.

Ссылки

https://support.apple.com/HT209605
Vendor Advisory
https://support.apple.com/HT209605
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*

Версия до 7.11 (исключая)

EPSS

Процентиль: 58%

0.00364

Низкий

7.5 High

CVSS3

7.6 High

CVSS2

Дефекты

CWE-362

Связанные уязвимости

GHSA-mgvm-678f-6rwc

github

больше 3 лет назад

A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes installer in an untrusted directory may result in arbitrary code execution.

EPSS

Процентиль: 58%

0.00364

Низкий

7.5 High

CVSS3

7.6 High

CVSS2

Дефекты

CWE-362