CVE-2019-8801

A dynamic library loading issue existed in iTunes setup. This was addressed with improved path searching. This issue is fixed in macOS Catalina 10.15.1, iTunes for Windows 12.10.2. Running the iTunes installer in an untrusted directory may result in arbitrary code execution.
References
Link Resource
https://support.apple.com/HT210726 Vendor Advisory
https://support.apple.com/HT210722 Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Information

Published : 2019-12-18 06:15

Updated : 2019-12-30 09:20


NVD link : CVE-2019-8801

Mitre link : CVE-2019-8801

Products Affected
No products.
CWE
CWE-426

Untrusted Search Path