PT-2019-1528 · Apple+1 · Icloud+6
Qixun Zhao
·
Published
2019-02-11
·
Updated
2020-08-24
·
CVE-2019-6227
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Safari versions prior to 12.0.3
iOS versions prior to 12.1.3
tvOS versions prior to 12.1.2
watchOS versions prior to 5.1.3
iTunes versions prior to 12.9.3 for Windows
iCloud for Windows versions prior to 7.10
Description
The issue is caused by a buffer overflow in the WebKit display module, allowing a remote attacker to execute arbitrary code using a specially crafted web page. Processing maliciously crafted web content may lead to arbitrary code execution.
Recommendations
For Safari versions prior to 12.0.3, update to Safari 12.0.3 or later.
For iOS versions prior to 12.1.3, update to iOS 12.1.3 or later.
For tvOS versions prior to 12.1.2, update to tvOS 12.1.2 or later.
For watchOS versions prior to 5.1.3, update to watchOS 5.1.3 or later.
For iTunes versions prior to 12.9.3 for Windows, update to iTunes 12.9.3 for Windows or later.
For iCloud for Windows versions prior to 7.10, update to iCloud for Windows 7.10 or later.
Fix
Memory Corruption
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Safari
Suse
Icloud
Ios
Itunes
Tvos
Watchos