Vulnerability CVE-2019-6234

Vulnerability CVE-2019-6234

Published: 2019-03-05

Description:

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.8/10	6.4/10	8.6/10

Exploit range	Attack complexity	Authentication
Remote	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

Affected software
Webkitgtk -> Webkitgtk+
Apple -> Icloud
Apple -> Itunes
Apple -> Safari
Apple -> Iphone os
Apple -> TVOS

References:

http://www.securityfocus.com/bid/106691

https://security.gentoo.org/glsa/201903-12

https://support.apple.com/HT209443

https://support.apple.com/HT209447

https://support.apple.com/HT209449

https://support.apple.com/HT209450

https://support.apple.com/HT209451

Copyright 2024, cxsecurity.com