Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2019-AVI-204
Vulnerability from certfr_avis - Published: 2019-05-14 - Updated: 2019-05-14
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | watchOS versions antérieures à 5.2.1 | ||
| Apple | macOS | macOS Mojave 10.14.4, macOS Sierra 10.12.6 et macOS High Sierra 10.13.6 sans le correctif de sécurité Security Update 2019-003 | ||
| Apple | N/A | iOS versions antérieures à 12.3 | ||
| Apple | N/A | tvOS versions antérieures à 12.3 | ||
| Apple | N/A | Apple TV Software versions antérieures à 7.3 | ||
| Apple | Safari | Safari versions antérieures à 12.1.1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "watchOS versions ant\u00e9rieures \u00e0 5.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Mojave 10.14.4, macOS Sierra 10.12.6 et macOS High Sierra 10.13.6 sans le correctif de s\u00e9curit\u00e9 Security Update 2019-003",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iOS versions ant\u00e9rieures \u00e0 12.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 12.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Apple TV Software versions ant\u00e9rieures \u00e0 7.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 12.1.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-8620",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8620"
},
{
"name": "CVE-2019-8596",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8596"
},
{
"name": "CVE-2019-8634",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8634"
},
{
"name": "CVE-2019-8595",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8595"
},
{
"name": "CVE-2019-8615",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8615"
},
{
"name": "CVE-2019-8590",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8590"
},
{
"name": "CVE-2019-8574",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8574"
},
{
"name": "CVE-2019-8609",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8609"
},
{
"name": "CVE-2018-4456",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-4456"
},
{
"name": "CVE-2019-8613",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8613"
},
{
"name": "CVE-2019-8591",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8591"
},
{
"name": "CVE-2019-8626",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8626"
},
{
"name": "CVE-2019-8576",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8576"
},
{
"name": "CVE-2019-8571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8571"
},
{
"name": "CVE-2019-8577",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8577"
},
{
"name": "CVE-2019-8600",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8600"
},
{
"name": "CVE-2019-8635",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8635"
},
{
"name": "CVE-2019-8608",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8608"
},
{
"name": "CVE-2017-9417",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9417"
},
{
"name": "CVE-2019-8602",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8602"
},
{
"name": "CVE-2017-14315",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14315"
},
{
"name": "CVE-2019-8593",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8593"
},
{
"name": "CVE-2019-8569",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8569"
},
{
"name": "CVE-2019-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6237"
},
{
"name": "CVE-2019-8599",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8599"
},
{
"name": "CVE-2019-8597",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8597"
},
{
"name": "CVE-2019-8611",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8611"
},
{
"name": "CVE-2019-8623",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8623"
},
{
"name": "CVE-2019-8629",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8629"
},
{
"name": "CVE-2019-8622",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8622"
},
{
"name": "CVE-2019-8637",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8637"
},
{
"name": "CVE-2019-8560",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8560"
},
{
"name": "CVE-2019-8617",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8617"
},
{
"name": "CVE-2019-8630",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8630"
},
{
"name": "CVE-2019-8585",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8585"
},
{
"name": "CVE-2019-8605",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8605"
},
{
"name": "CVE-2019-8604",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8604"
},
{
"name": "CVE-2019-8589",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8589"
},
{
"name": "CVE-2019-8587",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8587"
},
{
"name": "CVE-2019-8592",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8592"
},
{
"name": "CVE-2019-8619",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8619"
},
{
"name": "CVE-2019-8610",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8610"
},
{
"name": "CVE-2019-8628",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8628"
},
{
"name": "CVE-2019-8601",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8601"
},
{
"name": "CVE-2019-8583",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8583"
},
{
"name": "CVE-2019-8606",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8606"
},
{
"name": "CVE-2019-8603",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8603"
},
{
"name": "CVE-2019-8616",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8616"
},
{
"name": "CVE-2019-8586",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8586"
},
{
"name": "CVE-2019-8594",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8594"
},
{
"name": "CVE-2017-6975",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6975"
},
{
"name": "CVE-2019-8568",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8568"
},
{
"name": "CVE-2019-8607",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8607"
},
{
"name": "CVE-2019-8598",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8598"
},
{
"name": "CVE-2019-8584",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8584"
}
],
"initial_release_date": "2019-05-14T00:00:00",
"last_revision_date": "2019-05-14T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-204",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-05-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT210122 du 13 mai 2019",
"url": "https://support.apple.com/en-us/HT210122"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT210123 du 13 mai 2019",
"url": "https://support.apple.com/en-us/HT210123"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT210120 du 13 mai 2019",
"url": "https://support.apple.com/en-us/HT210120"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT210118 du 13 mai 2019",
"url": "https://support.apple.com/en-us/HT210118"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT210119 du 13 mai 2019",
"url": "https://support.apple.com/en-us/HT210119"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT210121 du 13 mai 2019",
"url": "https://support.apple.com/en-us/HT210121"
}
]
}
CVE-2019-8613 (GCVE-0-2019-8613)
Vulnerability from cvelistv5 – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:24
VLAI
EPSS
Summary
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause arbitrary code execution.
Severity
No CVSS data available.
CWE
- A remote attacker may be able to cause arbitrary code execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://support.apple.com/HT210118 | x_refsource_MISC |
| https://support.apple.com/HT210120 | x_refsource_MISC |
| https://support.apple.com/HT210122 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:29.132Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210120"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210122"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 5.2.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A remote attacker may be able to cause arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T17:33:18.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210120"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210122"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 12.3"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 12.3"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 5.2.1"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A remote attacker may be able to cause arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT210118",
"refsource": "MISC",
"url": "https://support.apple.com/HT210118"
},
{
"name": "https://support.apple.com/HT210120",
"refsource": "MISC",
"url": "https://support.apple.com/HT210120"
},
{
"name": "https://support.apple.com/HT210122",
"refsource": "MISC",
"url": "https://support.apple.com/HT210122"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8613",
"datePublished": "2019-12-18T17:33:18.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:24:29.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8615 (GCVE-0-2019-8615)
Vulnerability from cvelistv5 – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:24
VLAI
EPSS
Summary
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Processing maliciously crafted web content may lead to arbitrary code execution
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://support.apple.com/HT210118 | x_refsource_MISC |
| https://support.apple.com/HT210119 | x_refsource_MISC |
| https://support.apple.com/HT210120 | x_refsource_MISC |
| https://support.apple.com/HT210123 | x_refsource_MISC |
| https://support.apple.com/HT210124 | x_refsource_MISC |
| https://support.apple.com/HT210125 | x_refsource_MISC |
| https://support.apple.com/HT210212 | x_refsource_MISC |
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apple | iOS |
Affected:
unspecified , < iOS 12.3
(custom)
|
|
| Apple | macOS |
Affected:
unspecified , < macOS Mojave 10.14.5
(custom)
|
|
| Apple | tvOS |
Affected:
unspecified , < tvOS 12.3
(custom)
|
|
| Apple | Safari |
Affected:
unspecified , < Safari 12.1.1
(custom)
|
|
| Apple | iTunes for Windows |
Affected:
unspecified , < iTunes for Windows 12.9.5
(custom)
|
|
| Apple | iCloud for Windows |
Affected:
unspecified , < iCloud for Windows 7.12
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:28.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210119"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210120"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210123"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210124"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210125"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210212"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Mojave 10.14.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 12.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes for Windows 12.9.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.12",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T17:33:19.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210119"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210120"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210123"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210124"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210125"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210212"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 12.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Mojave 10.14.5"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 12.3"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 12.1.1"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes for Windows 12.9.5"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.12"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT210118",
"refsource": "MISC",
"url": "https://support.apple.com/HT210118"
},
{
"name": "https://support.apple.com/HT210119",
"refsource": "MISC",
"url": "https://support.apple.com/HT210119"
},
{
"name": "https://support.apple.com/HT210120",
"refsource": "MISC",
"url": "https://support.apple.com/HT210120"
},
{
"name": "https://support.apple.com/HT210123",
"refsource": "MISC",
"url": "https://support.apple.com/HT210123"
},
{
"name": "https://support.apple.com/HT210124",
"refsource": "MISC",
"url": "https://support.apple.com/HT210124"
},
{
"name": "https://support.apple.com/HT210125",
"refsource": "MISC",
"url": "https://support.apple.com/HT210125"
},
{
"name": "https://support.apple.com/HT210212",
"refsource": "MISC",
"url": "https://support.apple.com/HT210212"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8615",
"datePublished": "2019-12-18T17:33:19.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:24:28.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8616 (GCVE-0-2019-8616)
Vulnerability from cvelistv5 – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:24
VLAI
EPSS
Summary
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges.
Severity
No CVSS data available.
CWE
- An application may be able to execute arbitrary code with system privileges
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.apple.com/HT210119 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:29.117Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210119"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Mojave 10.14.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "An application may be able to execute arbitrary code with system privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T17:33:19.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210119"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8616",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Mojave 10.14.5"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "An application may be able to execute arbitrary code with system privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT210119",
"refsource": "MISC",
"url": "https://support.apple.com/HT210119"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8616",
"datePublished": "2019-12-18T17:33:19.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:24:29.117Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8617 (GCVE-0-2019-8617)
Vulnerability from cvelistv5 – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:24
VLAI
EPSS
Summary
An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 12.3. A sandboxed process may be able to circumvent sandbox restrictions.
Severity
No CVSS data available.
CWE
- A sandboxed process may be able to circumvent sandbox restrictions
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://support.apple.com/HT210118 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:29.037Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210118"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 12.3. A sandboxed process may be able to circumvent sandbox restrictions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A sandboxed process may be able to circumvent sandbox restrictions",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T17:33:18.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210118"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8617",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 12.3"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 12.3. A sandboxed process may be able to circumvent sandbox restrictions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A sandboxed process may be able to circumvent sandbox restrictions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT210118",
"refsource": "MISC",
"url": "https://support.apple.com/HT210118"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8617",
"datePublished": "2019-12-18T17:33:18.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:24:29.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8619 (GCVE-0-2019-8619)
Vulnerability from cvelistv5 – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:24
VLAI
EPSS
Summary
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Processing maliciously crafted web content may lead to arbitrary code execution
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://support.apple.com/HT210118 | x_refsource_MISC |
| https://support.apple.com/HT210119 | x_refsource_MISC |
| https://support.apple.com/HT210120 | x_refsource_MISC |
| https://support.apple.com/HT210123 | x_refsource_MISC |
| https://support.apple.com/HT210124 | x_refsource_MISC |
| https://support.apple.com/HT210125 | x_refsource_MISC |
| https://support.apple.com/HT210212 | x_refsource_MISC |
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apple | iOS |
Affected:
unspecified , < iOS 12.3
(custom)
|
|
| Apple | macOS |
Affected:
unspecified , < macOS Mojave 10.14.5
(custom)
|
|
| Apple | tvOS |
Affected:
unspecified , < tvOS 12.3
(custom)
|
|
| Apple | Safari |
Affected:
unspecified , < Safari 12.1.1
(custom)
|
|
| Apple | iTunes for Windows |
Affected:
unspecified , < iTunes for Windows 12.9.5
(custom)
|
|
| Apple | iCloud for Windows |
Affected:
unspecified , < iCloud for Windows 7.12
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:28.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210119"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210120"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210123"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210124"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210125"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210212"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Mojave 10.14.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 12.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes for Windows 12.9.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.12",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T17:33:19.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210119"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210120"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210123"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210124"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210125"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210212"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8619",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 12.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Mojave 10.14.5"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 12.3"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 12.1.1"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes for Windows 12.9.5"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.12"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT210118",
"refsource": "MISC",
"url": "https://support.apple.com/HT210118"
},
{
"name": "https://support.apple.com/HT210119",
"refsource": "MISC",
"url": "https://support.apple.com/HT210119"
},
{
"name": "https://support.apple.com/HT210120",
"refsource": "MISC",
"url": "https://support.apple.com/HT210120"
},
{
"name": "https://support.apple.com/HT210123",
"refsource": "MISC",
"url": "https://support.apple.com/HT210123"
},
{
"name": "https://support.apple.com/HT210124",
"refsource": "MISC",
"url": "https://support.apple.com/HT210124"
},
{
"name": "https://support.apple.com/HT210125",
"refsource": "MISC",
"url": "https://support.apple.com/HT210125"
},
{
"name": "https://support.apple.com/HT210212",
"refsource": "MISC",
"url": "https://support.apple.com/HT210212"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8619",
"datePublished": "2019-12-18T17:33:19.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:24:28.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8620 (GCVE-0-2019-8620)
Vulnerability from cvelistv5 – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:24
VLAI
EPSS
Summary
A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A device may be passively tracked by its WiFi MAC address.
Severity
No CVSS data available.
CWE
- A device may be passively tracked by its WiFi MAC address
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://support.apple.com/HT210118 | x_refsource_MISC |
| https://support.apple.com/HT210120 | x_refsource_MISC |
| https://support.apple.com/HT210122 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:28.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210120"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210122"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 5.2.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A device may be passively tracked by its WiFi MAC address."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A device may be passively tracked by its WiFi MAC address",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T17:33:18.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210120"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210122"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8620",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 12.3"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 12.3"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 5.2.1"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. A device may be passively tracked by its WiFi MAC address."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A device may be passively tracked by its WiFi MAC address"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT210118",
"refsource": "MISC",
"url": "https://support.apple.com/HT210118"
},
{
"name": "https://support.apple.com/HT210120",
"refsource": "MISC",
"url": "https://support.apple.com/HT210120"
},
{
"name": "https://support.apple.com/HT210122",
"refsource": "MISC",
"url": "https://support.apple.com/HT210122"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8620",
"datePublished": "2019-12-18T17:33:18.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:24:28.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8622 (GCVE-0-2019-8622)
Vulnerability from cvelistv5 – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:24
VLAI
EPSS
Summary
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Processing maliciously crafted web content may lead to arbitrary code execution
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://support.apple.com/HT210118 | x_refsource_MISC |
| https://support.apple.com/HT210119 | x_refsource_MISC |
| https://support.apple.com/HT210120 | x_refsource_MISC |
| https://support.apple.com/HT210123 | x_refsource_MISC |
| https://support.apple.com/HT210124 | x_refsource_MISC |
| https://support.apple.com/HT210125 | x_refsource_MISC |
| https://support.apple.com/HT210212 | x_refsource_MISC |
| https://support.apple.com/HT210122 | x_refsource_MISC |
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apple | iOS |
Affected:
unspecified , < iOS 12.3
(custom)
|
|
| Apple | macOS |
Affected:
unspecified , < macOS Mojave 10.14.5
(custom)
|
|
| Apple | tvOS |
Affected:
unspecified , < tvOS 12.3
(custom)
|
|
| Apple | watchOS |
Affected:
unspecified , < watchOS 5.2.1
(custom)
|
|
| Apple | Safari |
Affected:
unspecified , < Safari 12.1.1
(custom)
|
|
| Apple | iTunes for Windows |
Affected:
unspecified , < iTunes for Windows 12.9.5
(custom)
|
|
| Apple | iCloud for Windows |
Affected:
unspecified , < iCloud for Windows 7.12
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:28.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210119"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210120"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210123"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210124"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210125"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210212"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210122"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Mojave 10.14.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 5.2.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 12.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes for Windows 12.9.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.12",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T17:33:19.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210119"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210120"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210123"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210124"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210125"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210212"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210122"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8622",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 12.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Mojave 10.14.5"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 12.3"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 5.2.1"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 12.1.1"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes for Windows 12.9.5"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.12"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT210118",
"refsource": "MISC",
"url": "https://support.apple.com/HT210118"
},
{
"name": "https://support.apple.com/HT210119",
"refsource": "MISC",
"url": "https://support.apple.com/HT210119"
},
{
"name": "https://support.apple.com/HT210120",
"refsource": "MISC",
"url": "https://support.apple.com/HT210120"
},
{
"name": "https://support.apple.com/HT210123",
"refsource": "MISC",
"url": "https://support.apple.com/HT210123"
},
{
"name": "https://support.apple.com/HT210124",
"refsource": "MISC",
"url": "https://support.apple.com/HT210124"
},
{
"name": "https://support.apple.com/HT210125",
"refsource": "MISC",
"url": "https://support.apple.com/HT210125"
},
{
"name": "https://support.apple.com/HT210212",
"refsource": "MISC",
"url": "https://support.apple.com/HT210212"
},
{
"name": "https://support.apple.com/HT210122",
"refsource": "MISC",
"url": "https://support.apple.com/HT210122"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8622",
"datePublished": "2019-12-18T17:33:19.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:24:28.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8623 (GCVE-0-2019-8623)
Vulnerability from cvelistv5 – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:24
VLAI
EPSS
Summary
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Processing maliciously crafted web content may lead to arbitrary code execution
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://support.apple.com/HT210118 | x_refsource_MISC |
| https://support.apple.com/HT210119 | x_refsource_MISC |
| https://support.apple.com/HT210120 | x_refsource_MISC |
| https://support.apple.com/HT210123 | x_refsource_MISC |
| https://support.apple.com/HT210124 | x_refsource_MISC |
| https://support.apple.com/HT210125 | x_refsource_MISC |
| https://support.apple.com/HT210212 | x_refsource_MISC |
| https://support.apple.com/HT210122 | x_refsource_MISC |
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apple | iOS |
Affected:
unspecified , < iOS 12.3
(custom)
|
|
| Apple | macOS |
Affected:
unspecified , < macOS Mojave 10.14.5
(custom)
|
|
| Apple | tvOS |
Affected:
unspecified , < tvOS 12.3
(custom)
|
|
| Apple | watchOS |
Affected:
unspecified , < watchOS 5.2.1
(custom)
|
|
| Apple | Safari |
Affected:
unspecified , < Safari 12.1.1
(custom)
|
|
| Apple | iTunes for Windows |
Affected:
unspecified , < iTunes for Windows 12.9.5
(custom)
|
|
| Apple | iCloud for Windows |
Affected:
unspecified , < iCloud for Windows 7.12
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:29.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210119"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210120"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210123"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210124"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210125"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210212"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210122"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Mojave 10.14.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 5.2.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 12.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes for Windows 12.9.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.12",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T17:33:19.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210119"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210120"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210123"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210124"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210125"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210212"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210122"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8623",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 12.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Mojave 10.14.5"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 12.3"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 5.2.1"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 12.1.1"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes for Windows 12.9.5"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.12"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT210118",
"refsource": "MISC",
"url": "https://support.apple.com/HT210118"
},
{
"name": "https://support.apple.com/HT210119",
"refsource": "MISC",
"url": "https://support.apple.com/HT210119"
},
{
"name": "https://support.apple.com/HT210120",
"refsource": "MISC",
"url": "https://support.apple.com/HT210120"
},
{
"name": "https://support.apple.com/HT210123",
"refsource": "MISC",
"url": "https://support.apple.com/HT210123"
},
{
"name": "https://support.apple.com/HT210124",
"refsource": "MISC",
"url": "https://support.apple.com/HT210124"
},
{
"name": "https://support.apple.com/HT210125",
"refsource": "MISC",
"url": "https://support.apple.com/HT210125"
},
{
"name": "https://support.apple.com/HT210212",
"refsource": "MISC",
"url": "https://support.apple.com/HT210212"
},
{
"name": "https://support.apple.com/HT210122",
"refsource": "MISC",
"url": "https://support.apple.com/HT210122"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8623",
"datePublished": "2019-12-18T17:33:19.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:24:29.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8626 (GCVE-0-2019-8626)
Vulnerability from cvelistv5 – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:24
VLAI
EPSS
Summary
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service.
Severity
No CVSS data available.
CWE
- Processing a maliciously crafted message may lead to a denial of service
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://support.apple.com/HT210118 | x_refsource_MISC |
| https://support.apple.com/HT210122 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:29.274Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210122"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "watchOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "watchOS 5.2.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing a maliciously crafted message may lead to a denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T17:33:19.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210122"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8626",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 12.3"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "watchOS 5.2.1"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing a maliciously crafted message may lead to a denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT210118",
"refsource": "MISC",
"url": "https://support.apple.com/HT210118"
},
{
"name": "https://support.apple.com/HT210122",
"refsource": "MISC",
"url": "https://support.apple.com/HT210122"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8626",
"datePublished": "2019-12-18T17:33:19.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:24:29.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8628 (GCVE-0-2019-8628)
Vulnerability from cvelistv5 – Published: 2019-12-18 17:33 – Updated: 2024-08-04 21:24
VLAI
EPSS
Summary
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution.
Severity
No CVSS data available.
CWE
- Processing maliciously crafted web content may lead to arbitrary code execution
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://support.apple.com/HT210118 | x_refsource_MISC |
| https://support.apple.com/HT210119 | x_refsource_MISC |
| https://support.apple.com/HT210120 | x_refsource_MISC |
| https://support.apple.com/HT210123 | x_refsource_MISC |
| https://support.apple.com/HT210124 | x_refsource_MISC |
| https://support.apple.com/HT210125 | x_refsource_MISC |
| https://support.apple.com/HT210212 | x_refsource_MISC |
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apple | iOS |
Affected:
unspecified , < iOS 12.3
(custom)
|
|
| Apple | macOS |
Affected:
unspecified , < macOS Mojave 10.14.5
(custom)
|
|
| Apple | tvOS |
Affected:
unspecified , < tvOS 12.3
(custom)
|
|
| Apple | Safari |
Affected:
unspecified , < Safari 12.1.1
(custom)
|
|
| Apple | iTunes for Windows |
Affected:
unspecified , < iTunes for Windows 12.9.5
(custom)
|
|
| Apple | iCloud for Windows |
Affected:
unspecified , < iCloud for Windows 7.12
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:24:28.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210119"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210120"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210123"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210124"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210125"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/HT210212"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "iOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "macOS Mojave 10.14.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "tvOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "tvOS 12.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Safari",
"vendor": "Apple",
"versions": [
{
"lessThan": "Safari 12.1.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iTunes for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iTunes for Windows 12.9.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iCloud for Windows",
"vendor": "Apple",
"versions": [
{
"lessThan": "iCloud for Windows 7.12",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Processing maliciously crafted web content may lead to arbitrary code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-18T17:33:19.000Z",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210118"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210119"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210120"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210123"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210124"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210125"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/HT210212"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2019-8628",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iOS 12.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "macOS Mojave 10.14.5"
}
]
}
},
{
"product_name": "tvOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "tvOS 12.3"
}
]
}
},
{
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "Safari 12.1.1"
}
]
}
},
{
"product_name": "iTunes for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iTunes for Windows 12.9.5"
}
]
}
},
{
"product_name": "iCloud for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "iCloud for Windows 7.12"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT210118",
"refsource": "MISC",
"url": "https://support.apple.com/HT210118"
},
{
"name": "https://support.apple.com/HT210119",
"refsource": "MISC",
"url": "https://support.apple.com/HT210119"
},
{
"name": "https://support.apple.com/HT210120",
"refsource": "MISC",
"url": "https://support.apple.com/HT210120"
},
{
"name": "https://support.apple.com/HT210123",
"refsource": "MISC",
"url": "https://support.apple.com/HT210123"
},
{
"name": "https://support.apple.com/HT210124",
"refsource": "MISC",
"url": "https://support.apple.com/HT210124"
},
{
"name": "https://support.apple.com/HT210125",
"refsource": "MISC",
"url": "https://support.apple.com/HT210125"
},
{
"name": "https://support.apple.com/HT210212",
"refsource": "MISC",
"url": "https://support.apple.com/HT210212"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2019-8628",
"datePublished": "2019-12-18T17:33:19.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:24:28.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…