PT-2019-1530 · Apple+2 · Itunes For Windows+8
G. Geshev
·
Published
2019-01-25
·
Updated
2020-08-24
·
CVE-2019-6234
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Apple iOS versions prior to 12.1.3
Apple tvOS versions prior to 12.1.2
Apple Safari versions prior to 12.0.3
Apple iTunes for Windows versions prior to 12.9.3
Apple iCloud for Windows versions prior to 7.10
Description
A memory corruption issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to arbitrary code execution. The issue is related to a WebKit module vulnerability caused by a buffer overflow in memory, which can be exploited by a remote attacker using a specially crafted web page.
Recommendations
For iOS versions prior to 12.1.3, update to iOS 12.1.3 or later.
For tvOS versions prior to 12.1.2, update to tvOS 12.1.2 or later.
For Safari versions prior to 12.0.3, update to Safari 12.0.3 or later.
For iTunes for Windows versions prior to 12.9.3, update to iTunes 12.9.3 or later.
For iCloud for Windows versions prior to 7.10, update to iCloud for Windows 7.10 or later.
Fix
Buffer Overflow
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Safari
Suse
Webkit
Icloud For Windows
Ios
Itunes
Itunes For Windows
Tvos