CVE-2021-1857
Summary
| CVE | CVE-2021-1857 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-09-08 15:15:00 UTC |
| Updated | 2021-09-16 18:09:00 UTC |
| Description | A memory initialization issue was addressed with improved memory handling. This issue is fixed in iTunes 12.11.3 for Windows, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave, iCloud for Windows 12.3, macOS Big Sur 11.3, watchOS 7.4, tvOS 14.5, iOS 14.5 and iPadOS 14.5. Processing maliciously crafted web content may disclose sensitive user information. |
Risk And Classification
Problem Types: CWE-665
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apple | Icloud | All | All | All | All |
| Operating System | Apple | Ipados | All | All | All | All |
| Operating System | Apple | Iphone Os | All | All | All | All |
| Application | Apple | Itunes | All | All | All | All |
| Operating System | Apple | Macos | All | All | All | All |
| Operating System | Apple | Mac Os X | 10.14 | All | All | All |
| Operating System | Apple | Mac Os X | 10.14.0 | All | All | All |
| Operating System | Apple | Mac Os X | 10.14.1 | All | All | All |
| Operating System | Apple | Mac Os X | 10.14.2 | All | All | All |
| Operating System | Apple | Mac Os X | 10.14.3 | All | All | All |
| Operating System | Apple | Mac Os X | 10.14.4 | All | All | All |
| Operating System | Apple | Mac Os X | 10.14.4 | beta4 | All | All |
| Operating System | Apple | Mac Os X | 10.14.5 | All | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | All | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | - | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | security_update_2019-001 | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | security_update_2019-002 | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | security_update_2019-004 | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | security_update_2019-005 | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | security_update_2019-006 | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | security_update_2019-007 | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | security_update_2020-001 | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | security_update_2020-002 | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | security_update_2020-003 | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | security_update_2020-004 | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | security_update_2020-005 | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | security_update_2020-006 | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | security_update_2020-007 | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | security_update_2021-001 | All | All |
| Operating System | Apple | Mac Os X | 10.14.6 | security_update_2021-002 | All | All |
| Operating System | Apple | Mac Os X | 10.15 | All | All | All |
| Operating System | Apple | Mac Os X | 10.15.1 | All | All | All |
| Operating System | Apple | Mac Os X | 10.15.2 | All | All | All |
| Operating System | Apple | Mac Os X | 10.15.3 | All | All | All |
| Operating System | Apple | Mac Os X | 10.15.4 | All | All | All |
| Operating System | Apple | Mac Os X | 10.15.5 | All | All | All |
| Operating System | Apple | Mac Os X | 10.15.6 | All | All | All |
| Operating System | Apple | Mac Os X | 10.15.6 | - | All | All |
| Operating System | Apple | Mac Os X | 10.15.6 | supplemental_update | All | All |
| Operating System | Apple | Mac Os X | 10.15.7 | All | All | All |
| Operating System | Apple | Mac Os X | 10.15.7 | - | All | All |
| Operating System | Apple | Mac Os X | 10.15.7 | security_update_2020 | All | All |
| Operating System | Apple | Mac Os X | 10.15.7 | security_update_2020-001 | All | All |
| Operating System | Apple | Mac Os X | 10.15.7 | security_update_2020-005 | All | All |
| Operating System | Apple | Mac Os X | 10.15.7 | security_update_2020-007 | All | All |
| Operating System | Apple | Mac Os X | 10.15.7 | security_update_2021-001 | All | All |
| Operating System | Apple | Tvos | All | All | All | All |
| Operating System | Apple | Watchos | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| About the security content of macOS Big Sur 11.3 - Apple Support | MISC | support.apple.com | |
| About the security content of watchOS 7.4 - Apple Support | MISC | support.apple.com | |
| About the security content of tvOS 14.5 - Apple Support | MISC | support.apple.com | |
| About the security content of Security Update 2021-002 Catalina - Apple Support | MISC | support.apple.com | |
| About the security content of iCloud for Windows 12.3 - Apple Support | MISC | support.apple.com | |
| About the security content of Security Update 2021-003 Mojave - Apple Support | MISC | support.apple.com | |
| About the security content of iTunes 12.11.3 for Windows - Apple Support | MISC | support.apple.com | |
| About the security content of iOS 14.5 and iPadOS 14.5 - Apple Support | MISC | support.apple.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 375503 Apple MacOS Big Sur 11.3 Not Installed (HT212325)
- 375506 Apple iCloud for Windows Prior to 12.3 Multiple Vulnerabilities(HT212321)
- 375507 Apple macOS Security Update 2021-002 Catalina (HT212326)
- 375508 Apple iTunes for Windows Prior to 12.11.3 Multiple Vulnerabilities (HT212319)
- 375510 Apple macOS Security Update 2021-003 Mojave (HT212327)
- 376650 Apple iTunes for Windows Prior to 12.11.3 Vulnerabilities (HT212319)
- 610334 Apple iOS 14.5 and iPadOS 14.5 Security Update Missing (HT212317)