PT-2019-1530 · Apple+2 · Itunes For Windows+8

G. Geshev

·

Publicado

2019-01-25

·

Atualizado

2020-08-24

·

CVE-2019-6234

CVSS v2.0

9.3

Alta

VetorAV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Apple iOS versions prior to 12.1.3 Apple tvOS versions prior to 12.1.2 Apple Safari versions prior to 12.0.3 Apple iTunes for Windows versions prior to 12.9.3 Apple iCloud for Windows versions prior to 7.10
Description A memory corruption issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to arbitrary code execution. The issue is related to a WebKit module vulnerability caused by a buffer overflow in memory, which can be exploited by a remote attacker using a specially crafted web page.
Recommendations For iOS versions prior to 12.1.3, update to iOS 12.1.3 or later. For tvOS versions prior to 12.1.2, update to tvOS 12.1.2 or later. For Safari versions prior to 12.0.3, update to Safari 12.0.3 or later. For iTunes for Windows versions prior to 12.9.3, update to iTunes 12.9.3 or later. For iCloud for Windows versions prior to 7.10, update to iCloud for Windows 7.10 or later.

Correção

Buffer Overflow

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119CWE-787

Identificadores relacionados

ALT-PU-2019-1203
BDU:2019-01028
CVE-2019-6234
OPENSUSE-SU-2019:0308-1
OPENSUSE-SU-2019_0308-1
OPENSUSE-SU-2019_0309-1
SUSE-SU-2019:0497-1
SUSE-SU-2019:0511-1
ZDI-19-123

Produtos afetados

Alt Linux
Safari
Suse
Webkit
Icloud For Windows
Ios
Itunes
Itunes For Windows
Tvos