4.3
CVSSv2

CVE-2019-8761

Published: 27/10/2020 Updated: 30/10/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

Apple macOS could allow a remote malicious user to obtain sensitive information, caused by improper input validation by the UIFoundation component. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to obtain user information, and use this information to launch further attacks against the affected system.

Most Upvoted Vulmon Research Post

CVE-2019-8761 is an interesting macOS bug that lets attackers execute HTML within a TXT file, leak files, and do all sorts of other funky things https://www.paulosyibelo.com/2021/04/this-man-thought-opening-txt-file-is.html

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple mac os x

Vendor Advisories

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page Apple security documents reference vulnerabilities by CVE-ID when possible ...

Mailing Lists

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-10-29-2 macOS Catalina 10151, Security Update 2019-001 Mojave, Security Update 2019-006 High Sierra macOS Catalina 10151, Security Update 2019-001 Mojave, Security Update 2019-006 High Sierra are now available and address the following: Accounts Available for: macOS Catalina 1015 ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 1015 macOS Catalina 1015 addresses the following: AMD Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Lat ...

Github Repositories

2021/03 Microsoft wins $219 billion contract with US Army to supply augmented reality headsets dont forget the shitBlackBerry 5G Hackers demand up to $40 million in ransom from Broward schools Pro¹X: A Linux smartphone (XDA) 2 3 Bookingcom fined €475,000 for late reporting of data breach @ 2018 Massive security breach at US universities 2 A man thought ope