VAR-201912-0570
Vulnerability from variot - Updated: 2024-11-23 21:59Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data. This issue is fixed in Texture 5.11.10 for iOS, Texture 4.22.0.4 for Android. An attacker in a privileged network position may be able to intercept analytics data. Apple Texture is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Texture is a magazine management app. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. Texture Canada Android & iOS Applications - Unencrypted Third Party Analytics (CVE-2019-8632) -- https://www.info-sec.ca/advisories/Texture.html
Overview
"Texture: Unlimited access to over 100 of the world's best magazines on your computer, smartphone or tablet."
(https://play.google.com/store/apps/details?id=com.nim.rogers) (https://itunes.apple.com/ca/app/texture-canada/id649174756)
Issue
The Texture Canada Android & iOS applications (Android version 4.21.0.1, iOS version 5.11.6 and below) sends potentially sensitive information such as number of app launches, device model, Android or iOS version and screen resolution, unencrypted to a third party site (ScorecardResearch).
Impact
An attacker who can monitor network traffic could capture potentially sensitive information about the user's device without their knowledge.
Timeline
July 10, 2018 - Attempted to notify Texture of the issue via security@texture.ca July 10, 2018 - Attempted to notify Texture of the issue via support@texture.ca July 12, 2018 - Provided the details of the issue to Apple via product-security@apple.com May 9, 2019 - Published an advisory to document the issue
Solution
Upgrade to Android version 4.22.0.4 or iOS version 5.11.10 (U.S. versions are also affected but have not been tested)
https://support.apple.com/en-us/HT210110 https://support.apple.com/en-us/HT210111 https://support.apple.com/en-us/HT201222
CVE-ID:
CVE-2019-8632
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-0570",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "texture",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "5.11.10"
},
{
"model": "texture",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "4.22.0.4"
},
{
"model": "texture",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "for android 4.22.0.4 (android 4.1 or later )"
},
{
"model": "texture",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "for ios 5.11.10 (ios 9.0 or later )"
},
{
"model": "texture for ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "texture for android",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "texture for ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5.11.10"
},
{
"model": "texture for android",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "4.22.0.4"
}
],
"sources": [
{
"db": "BID",
"id": "108304"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013373"
},
{
"db": "NVD",
"id": "CVE-2019-8632"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apple:texture",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013373"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "David Coomber",
"sources": [
{
"db": "PACKETSTORM",
"id": "152783"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-245"
}
],
"trust": 0.7
},
"cve": "CVE-2019-8632",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2019-8632",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-160067",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-8632",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-8632",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-8632",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-8632",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201905-245",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-160067",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160067"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013373"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-245"
},
{
"db": "NVD",
"id": "CVE-2019-8632"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Some analytics data was sent using HTTP rather than HTTPS. This was addressed by no longer sending this analytics data. This issue is fixed in Texture 5.11.10 for iOS, Texture 4.22.0.4 for Android. An attacker in a privileged network position may be able to intercept analytics data. Apple Texture is prone to an information-disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information that may aid in further attacks. Texture is a magazine management app. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. Texture Canada Android \u0026 iOS Applications - Unencrypted Third Party \nAnalytics (CVE-2019-8632)\n--\nhttps://www.info-sec.ca/advisories/Texture.html\n\nOverview\n\n\"Texture: Unlimited access to over 100 of the world\u0027s best magazines on \nyour computer, smartphone or tablet.\"\n\n(https://play.google.com/store/apps/details?id=com.nim.rogers)\n(https://itunes.apple.com/ca/app/texture-canada/id649174756)\n\nIssue\n\nThe Texture Canada Android \u0026 iOS applications (Android version 4.21.0.1, \niOS version 5.11.6 and below) sends potentially sensitive information \nsuch as number of app launches, device model, Android or iOS version and \nscreen resolution, unencrypted to a third party site (ScorecardResearch). \n\nImpact\n\nAn attacker who can monitor network traffic could capture potentially \nsensitive information about the user\u0027s device without their knowledge. \n\nTimeline\n\nJuly 10, 2018 - Attempted to notify Texture of the issue via \nsecurity@texture.ca\nJuly 10, 2018 - Attempted to notify Texture of the issue via \nsupport@texture.ca\nJuly 12, 2018 - Provided the details of the issue to Apple via \nproduct-security@apple.com\nMay 9, 2019 - Published an advisory to document the issue\n\nSolution\n\nUpgrade to Android version 4.22.0.4 or iOS version 5.11.10 (U.S. \nversions are also affected but have not been tested)\n\nhttps://support.apple.com/en-us/HT210110\nhttps://support.apple.com/en-us/HT210111\nhttps://support.apple.com/en-us/HT201222\n\nCVE-ID:\n\nCVE-2019-8632\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-8632"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013373"
},
{
"db": "BID",
"id": "108304"
},
{
"db": "VULHUB",
"id": "VHN-160067"
},
{
"db": "PACKETSTORM",
"id": "152783"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-8632",
"trust": 2.9
},
{
"db": "PACKETSTORM",
"id": "152783",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013373",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201905-245",
"trust": 0.7
},
{
"db": "BID",
"id": "108304",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-160067",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160067"
},
{
"db": "BID",
"id": "108304"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013373"
},
{
"db": "PACKETSTORM",
"id": "152783"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-245"
},
{
"db": "NVD",
"id": "CVE-2019-8632"
}
]
},
"id": "VAR-201912-0570",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-160067"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:59:34Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT210110",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT210110"
},
{
"title": "HT210111",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT210111"
},
{
"title": "HT210110",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT210110"
},
{
"title": "HT210111",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT210111"
},
{
"title": "Texture Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92437"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013373"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-245"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-319",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160067"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013373"
},
{
"db": "NVD",
"id": "CVE-2019-8632"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.info-sec.ca/advisories/texture.html"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht210110"
},
{
"trust": 1.7,
"url": "https://support.apple.com/ht210111"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8632"
},
{
"trust": 1.0,
"url": "https://support.apple.com/en-us/ht210110"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8632"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/152783/texture-canada-unencrypted-third-party-analytics.html"
},
{
"trust": 0.4,
"url": "https://support.apple.com/en-us/ht210111"
},
{
"trust": 0.3,
"url": "https://www.apple.com/"
},
{
"trust": 0.1,
"url": "https://itunes.apple.com/ca/app/texture-canada/id649174756)"
},
{
"trust": 0.1,
"url": "https://play.google.com/store/apps/details?id=com.nim.rogers)"
},
{
"trust": 0.1,
"url": "https://support.apple.com/en-us/ht201222"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160067"
},
{
"db": "BID",
"id": "108304"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013373"
},
{
"db": "PACKETSTORM",
"id": "152783"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-245"
},
{
"db": "NVD",
"id": "CVE-2019-8632"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-160067"
},
{
"db": "BID",
"id": "108304"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-013373"
},
{
"db": "PACKETSTORM",
"id": "152783"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-245"
},
{
"db": "NVD",
"id": "CVE-2019-8632"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-18T00:00:00",
"db": "VULHUB",
"id": "VHN-160067"
},
{
"date": "2019-04-11T00:00:00",
"db": "BID",
"id": "108304"
},
{
"date": "2019-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013373"
},
{
"date": "2019-05-09T18:51:22",
"db": "PACKETSTORM",
"id": "152783"
},
{
"date": "2019-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-245"
},
{
"date": "2019-12-18T18:15:30.567000",
"db": "NVD",
"id": "CVE-2019-8632"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-160067"
},
{
"date": "2019-04-11T00:00:00",
"db": "BID",
"id": "108304"
},
{
"date": "2019-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-013373"
},
{
"date": "2022-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201905-245"
},
{
"date": "2024-11-21T04:50:12.317000",
"db": "NVD",
"id": "CVE-2019-8632"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-245"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Texture Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-013373"
},
{
"db": "CNNVD",
"id": "CNNVD-201905-245"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201905-245"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.