Fluoroacetate

**Nome do software vulnerável e versões afetadas** Componente gráfico do Windows (versões afetadas não especificadas) **Descrição** O problema está relacionado a erros no tratamento de objetos na memória dentro do componente gráfico do Windows. Isso pode ser explorado por um invasor para, potencialmente, elevar seus privilégios ou executar código arbitrário por meio de um aplicativo especialmente criado. Uma vulnerabilidade de elevação de privilégios permite que invasores afetem o sistema. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Nome do software vulnerável e versões afetadas** Versões do Xiaomi MIUI anteriores à 11.0.1.54 Versões do GetApps (com.xiaomi.mipicks) anteriores à 2001122 **Descrição** Foi detectada uma falha no componente de exportação do GetApps, que processa incorretamente a funcionalidade de abertura de outros componentes. Invasores podem induzir usuários a abrir páginas da web específicas em um ambiente de rede específico, levando ao vazamento de informações. Isso ocorre quando o componente WebView do Messaging é carregado com páginas da web maliciosas. **Recomendações** Para versões do Xiaomi MIUI anteriores à 11.0.1.54, atualize para a versão 11.0.1.54 ou posterior para resolver o problema. Para versões do GetApps (com.xiaomi.mipicks) anteriores à 2001122, atualize para a versão 2001122 ou posterior para resolver o problema. Como solução temporária, considere restringir o acesso ao componente WebView do Messaging para minimizar o risco de exploração.

**Nome do software vulnerável e versões afetadas** Samsung Galaxy S10, versões de firmware G973FXXS3ASJA, O(8.x), P(9.0), Q(10.0) **Descrição** Esta vulnerabilidade permite que invasores remotos executem código arbitrário nos dispositivos afetados. A exploração requer interação do usuário, especificamente atender uma chamada telefônica. A falha existe nas mensagens de configuração de controle de chamadas devido à falta de validação adequada do comprimento dos dados fornecidos pelo usuário antes de copiá-los para um buffer de comprimento fixo baseado em pilha. Um invasor pode aproveitar isso para executar código no contexto do processador de banda base. **Recomendações** Para o firmware do Samsung Galaxy S10 versão G973FXXS3ASJA, atualize para uma versão que corrija o problema com a validação adequada do comprimento dos dados fornecidos pelo usuário. Para as versões de firmware do Samsung Galaxy S10 O(8.x), P(9.0) e Q(10.0), certifique-se de que todas as mensagens de configuração de controle de chamada sejam devidamente validadas para evitar estouro de buffer baseado em pilha. Como solução alternativa temporária, considere restringir ou desativar o tratamento de mensagens de configuração de controle de chamadas até que um patch esteja disponível.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.14.5 **Description** A memory corruption issue was addressed with improved memory handling, allowing an application to potentially execute arbitrary code with system privileges. **Recommendations** For versions prior to 10.14.5, update to macOS Mojave 10.14.5 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability in the Windows kernel, which fails to properly handle objects in memory. This can be exploited by an attacker to execute arbitrary code in kernel mode using a specially crafted application. The vulnerability is associated with insufficient access control in the Windows kernel. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability that exists when the Windows kernel fails to properly handle objects in memory. This can allow an attacker to execute arbitrary code and gain control over the vulnerable system. The vulnerability is associated with errors in processing objects in memory in the Windows kernel's DirectComposition component. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.3 macOS Mojave versions prior to 10.14.5 tvOS versions prior to 12.3 watchOS versions prior to 5.2.1 Safari versions prior to 12.1.1 iTunes for Windows versions prior to 12.9.5 iCloud for Windows versions prior to 7.12 **Description** The issue is caused by multiple memory corruption problems and an integer overflow, which may lead to arbitrary code execution when processing maliciously crafted web content. This allows a remote attacker to execute arbitrary code. **Recommendations** For iOS versions prior to 12.3, update to iOS 12.3 or later. For macOS Mojave versions prior to 10.14.5, update to macOS Mojave 10.14.5 or later. For tvOS versions prior to 12.3, update to tvOS 12.3 or later. For watchOS versions prior to 5.2.1, update to watchOS 5.2.1 or later. For Safari versions prior to 12.1.1, update to Safari 12.1.1 or later. For iTunes for Windows versions prior to 12.9.5, update to iTunes for Windows 12.9.5 or later. For iCloud for Windows versions prior to 7.12, update to iCloud for Windows 7.12 or later.

**Name of the Vulnerable Software and Affected Versions** Oracle VM VirtualBox versions prior to 5.2.28 Oracle VM VirtualBox versions prior to 6.0.6 **Description** The issue allows a low-privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks can result in the takeover of Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. **Recommendations** For versions prior to 5.2.28, update to version 5.2.28 or later. For versions prior to 6.0.6, update to version 6.0.6 or later.

**Name of the Vulnerable Software and Affected Versions** Xiaomi Mi6 Browser versions prior to 10.4.0 **Description** This issue allows remote attackers to execute arbitrary code on vulnerable installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The specific flaw exists within the `WebAssembly.Instance` method, resulting from the lack of proper validation of user-supplied data. This can lead to a write past the end of a heap-based buffer, allowing an attacker to execute code in the context of the current process. **Recommendations** For versions prior to 10.4.0, update to version 10.4.0 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially malicious web pages or files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** VMware ESXi versions 6.7 before ESXi670-201903001 VMware ESXi versions 6.5 before ESXi650-201903001 VMware ESXi versions 6.0 before ESXi600-201903001 VMware Workstation versions 15.x before 15.0.4 VMware Workstation versions 14.x before 14.1.7 VMware Fusion versions 11.x before 11.0.3 VMware Fusion versions 10.x before 10.1.6 **Description** The issue is related to an out-of-bounds read/write vulnerability in the virtual USB 1.1 UHCI. Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present. This may allow a guest to execute code on the host. **Recommendations** For VMware ESXi versions 6.7 before ESXi670-201903001, update to ESXi670-201903001 or later. For VMware ESXi versions 6.5 before ESXi650-201903001, update to ESXi650-201903001 or later. For VMware ESXi versions 6.0 before ESXi600-201903001, update to ESXi600-201903001 or later. For VMware Workstation versions 15.x before 15.0.4, update to 15.0.4 or later. For VMware Workstation versions 14.x before 14.1.7, update to 14.1.7 or later. For VMware Fusion versions 11.x before 11.0.3, update to 11.0.3 or later. For VMware Fusion versions 10.x before 10.1.6, update to 10.1.6 or later.

**Name of the Vulnerable Software and Affected Versions** VMware ESXi versions 6.7 before ESXi670-201903001 VMware ESXi versions 6.5 before ESXi650-201903001 VMware ESXi versions 6.0 before ESXi600-201903001 VMware Workstation versions 15.x before 15.0.4 VMware Workstation versions 14.x before 14.1.7 VMware Fusion versions 11.x before 11.0.3 VMware Fusion versions 10.x before 10.1.6 **Description** The issue is related to a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI. This vulnerability may allow a guest to execute code on the host. Exploitation requires an attacker to have access to a virtual machine with a virtual USB controller present. The vulnerability is also described as a race condition, which may allow an attacker to execute arbitrary code using the virtual USB controller. **Recommendations** For VMware ESXi versions 6.7 before ESXi670-201903001, update to ESXi670-201903001 or later. For VMware ESXi versions 6.5 before ESXi650-201903001, update to ESXi650-201903001 or later. For VMware ESXi versions 6.0 before ESXi600-201903001, update to ESXi600-201903001 or later. For VMware Workstation versions 15.x before 15.0.4, update to 15.0.4 or later. For VMware Workstation versions 14.x before 14.1.7, update to 14.1.7 or later. For VMware Fusion versions 11.x before 11.0.3, update to 11.0.3 or later. For VMware Fusion versions 10.x before 10.1.6, update to 10.1.6 or later.

**Name of the Vulnerable Software and Affected Versions** Samsung Galaxy S9 versions prior to January 2019 Security Update **Description** This issue allows remote attackers to execute arbitrary code on vulnerable installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The specific flaw exists within the ASN.1 parser, which does not properly validate the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this to execute code in the context of the current process. **Recommendations** For Samsung Galaxy S9 versions prior to January 2019 Security Update, apply the January 2019 Security Update (SMR-JAN-2019 - SVE-2018-13467) to resolve the issue. As a temporary workaround, consider restricting user interaction with potentially malicious pages or files until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 12.1.3 Apple tvOS versions prior to 12.1.2 Apple watchOS versions prior to 5.1.3 Apple Safari versions prior to 12.0.3 Apple iTunes for Windows versions prior to 12.9.3 Apple iCloud for Windows versions prior to 7.10 **Description** The issue is related to memory corruption and can be triggered by processing maliciously crafted web content, potentially leading to arbitrary code execution. It is caused by a buffer overflow in the WebKit display module. A remote attacker can exploit this issue using a specially crafted web page, allowing them to execute arbitrary code. **Recommendations** For iOS versions prior to 12.1.3, update to iOS 12.1.3 or later. For tvOS versions prior to 12.1.2, update to tvOS 12.1.2 or later. For watchOS versions prior to 5.1.3, update to watchOS 5.1.3 or later. For Safari versions prior to 12.0.3, update to Safari 12.0.3 or later. For iTunes for Windows versions prior to 12.9.3, update to iTunes 12.9.3 or later. For iCloud for Windows versions prior to 7.10, update to iCloud for Windows 7.10 or later.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 12.1.3 Apple tvOS versions prior to 12.1.2 Apple watchOS versions prior to 5.1.3 Apple Safari versions prior to 12.0.3 Apple iTunes for Windows versions prior to 12.9.3 Apple iCloud for Windows versions prior to 7.10 **Description** The issue is related to memory corruption and can be triggered by processing maliciously crafted web content, potentially leading to arbitrary code execution. It is caused by a buffer overflow in the WebKit display module. A remote attacker can exploit this issue using a specially crafted web page, allowing for remote code execution. **Recommendations** For iOS versions prior to 12.1.3, update to iOS 12.1.3 or later. For tvOS versions prior to 12.1.2, update to tvOS 12.1.2 or later. For watchOS versions prior to 5.1.3, update to watchOS 5.1.3 or later. For Safari versions prior to 12.0.3, update to Safari 12.0.3 or later. For iTunes for Windows versions prior to 12.9.3, update to iTunes 12.9.3 or later. For iCloud for Windows versions prior to 7.10, update to iCloud for Windows 7.10 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.1.3 macOS Mojave versions prior to 10.14.3 watchOS versions prior to 5.1.3 **Description** The issue involves an out-of-bounds read that has been addressed with improved bounds checking. A malicious application may be able to elevate privileges. This is related to a privilege escalation vulnerability in the mediaserverd component. **Recommendations** For iOS versions prior to 12.1.3, update to iOS 12.1.3 or later. For macOS Mojave versions prior to 10.14.3, update to macOS Mojave 10.14.3 or later. For watchOS versions prior to 5.1.3, update to watchOS 5.1.3 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 12.1.3 macOS Mojave versions prior to 10.14.3 iTunes for Windows versions prior to 12.9.3 **Description** The issue is related to an out-of-bounds read that has been addressed with improved bounds checking. A malicious application may be able to elevate privileges. This is a privilege escalation vulnerability. **Recommendations** For iOS versions prior to 12.1.3, update to iOS 12.1.3 or later. For macOS Mojave versions prior to 10.14.3, update to macOS Mojave 10.14.3 or later. For iTunes for Windows versions prior to 12.9.3, update to iTunes 12.9.3 or later.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 65.0.3325.146 Opera versions prior to 65.0.3325.146 **Description** The issue is related to an integer overflow when computing the required allocation size for a new JavaScript object in V8. This could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. The vulnerability may enable a remote attacker to execute arbitrary code. **Recommendations** For Google Chrome versions prior to 65.0.3325.146, update to version 65.0.3325.146 or later. For Opera versions prior to 65.0.3325.146, update to a version that includes the fix for this issue, as the specific version is not provided. As a temporary workaround, consider restricting access to potentially vulnerable JavaScript objects in V8 until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 57.0.2987.98 for Linux, Windows, and Mac Google Chrome version prior to 57.0.2987.108 for Android **Description** The issue is related to incorrect handling of complex species in V8, allowing a remote attacker to execute arbitrary code via a crafted HTML page. This is due to a buffer overflow in the V8 JavaScript engine. The estimated number of potentially affected devices is not specified. There is no information about real-world incidents where this issue was exploited. **Recommendations** For Google Chrome versions prior to 57.0.2987.98 for Linux, Windows, and Mac, update to version 57.0.2987.98 or later. For Google Chrome version prior to 57.0.2987.108 for Android, update to version 57.0.2987.108 or later. As a temporary workaround, consider disabling JavaScript execution in V8 until a patch is available.