Details of VAR-201912-0630

ID

VAR-201912-0630

CVE

CVE-2019-8626

TITLE

plural Apple Updates to product vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2019-003317

DESCRIPTION

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * Insufficient access restrictions * Privilege escalation * Service operation interruption (DoS) * Sandbox avoidance * Information falsification * information leak * Arbitrary code execution. Both Apple iOS and Apple watchOS are products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices. Mail is one of those email plugins. An input validation error vulnerability exists in the Mail component in Apple iOS versions prior to 12.3 and watchOS versions prior to 5.2.1. The vulnerability stems from the failure of the network system or product to properly validate the input data. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-5-13-4 watchOS 5.2.1 watchOS 5.2.1 is now available and addresses the following: AppleFileConduit Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8593: Dany Lisiansky (@DanyL931) CoreAudio Available for: Apple Watch Series 1 and later Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8585: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative Disk Images Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2019-8560: Nikita Pupyshev of Bauman Moscow State Technological University Kernel Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A use after free issue was addressed with improved memory management. CVE-2019-8605: Ned Williamson working with Google Project Zero Kernel Available for: Apple Watch Series 1 and later Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2019-8576: Brandon Azad of Google Project Zero, unho Jang and Hanul Choi of LINE Security Team Kernel Available for: Apple Watch Series 1 and later Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A type confusion issue was addressed with improved memory handling. CVE-2019-8591: Ned Williamson working with Google Project Zero Mail Available for: Apple Watch Series 1 and later Impact: Processing a maliciously crafted message may lead to a denial of service Description: An input validation issue was addressed with improved input validation. CVE-2019-8626: Natalie Silvanovich of Google Project Zero Mail Message Framework Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2019-8613: Natalie Silvanovich of Google Project Zero MobileInstallation Available for: Apple Watch Series 1 and later Impact: A local user may be able to modify protected parts of the file system Description: A validation issue existed in the handling of symlinks. CVE-2019-8637: Dany Lisiansky (@DanyL931) SQLite Available for: Apple Watch Series 1 and later Impact: An application may be able to gain elevated privileges Description: An input validation issue was addressed with improved memory handling. CVE-2019-8577: Omer Gull of Checkpoint Research SQLite Available for: Apple Watch Series 1 and later Impact: A maliciously crafted SQL query may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2019-8600: Omer Gull of Checkpoint Research SQLite Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to read restricted memory Description: An input validation issue was addressed with improved input validation. CVE-2019-8598: Omer Gull of Checkpoint Research SQLite Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed by removing the vulnerable code. CVE-2019-8602: Omer Gull of Checkpoint Research sysdiagnose Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8574: Dayton Pidhirney (@_watbulb) of Seekintoo (@seekintoo) WebKit Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8607: Junho Jang and Hanul Choi of LINE Security Team WebKit Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2019-8583: sakura of Tencent Xuanwu Lab, jessica (@babyjess1ca_) of Tencent Keen Lab, and dwfault working at ADLab of Venustech CVE-2019-8601: Fluoroacetate working with Trend Micro's Zero Day Initiative CVE-2019-8622: Samuel Groß of Google Project Zero CVE-2019-8623: Samuel Groß of Google Project Zero Wi-Fi Available for: Apple Watch Series 1 and later Impact: A device may be passively tracked by its WiFi MAC address Description: A user privacy issue was addressed by removing the broadcast MAC address. CVE-2019-8620: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universität Darmstadt Additional recognition Clang We would like to acknowledge Brandon Azad of Google Project Zero for their assistance. CoreFoundation We would like to acknowledge Vozzie and Rami and m4bln, Xiangqian Zhang, Huiming Liu of Tencent's Xuanwu Lab for their assistance. Kernel We would like to acknowledge Brandon Azad of Google Project Zero and an anonymous researcher for their assistance. MediaLibrary We would like to acknowledge Angel Ramirez and Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. for their assistance. MobileInstallation We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for their assistance. Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlzZrUgpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3EsdA/7 BI575/+FpdHwLot0f7lOojOxmzIXi42mNBINAsGRj8Maaz/dvBErOf4p3viMLLWp bhkHfqdvlPH6C0/vx+Nlzs7M+XSX+MqQIQi5D4bGqem59DD9UibZb+MPX4gbICSp JVkIGIA2yM4u5VciJzGyqfBIap3EEOqhyCzr50eiG7BCXX0/Vx9HxhViyEbl2Yeq x4h2WsUi5WI8bDdRfnH8zOMCWlOgv7jzbo/bGAeZDhlDTSxBlVvbApOtpbBbRPMD +BPhlzldxEPFmv4f05otW1z9sH6pv7LO2k5//h5ZL/Xox49LW1ZQTmtim44W7dIj Qq5OE3ttpckVyv2zQlUEeLDAQ3WYihQYR7h8BUalMo5We515OXzyZBHfn5a4uCkZ +wCKolQ8l+wQIt6zbNgLMRPM/CZ644sP1M8nUE6fXLENbN1hUW6S0DLWjDIJgKuS xbfgcfTXde6zHGdh2IPnpexU1ZzHG94l+c2KKbCjwr1YuazMFVEcrsCsjwTAZ5xP hKs5Uuygwa/IGEuMWPzjCtZCLK8nf5sbctRV9ENyUjzDf/YWfZ9Wmmew3MIVwDfQ BaAeTQk49Rp+QczIXmArijS/rxu5ODUwOY/7c/QS6rWB6B3LVTQotcWXTxZ/RLTg pfnIwbEjwi7VVEAY1vFBs/SzV7YCu0r3Q7g5t9ldiY8= =E5sS -----END PGP SIGNATURE-----

Trust: 1.89

sources: NVD: CVE-2019-8626 // JVNDB: JVNDB-2019-003317 // VULHUB: VHN-160061 // VULMON: CVE-2019-8626 // PACKETSTORM: 152847

AFFECTED PRODUCTS

vendor:	apple	model:	watchos	scope:	lt	version:	5.2.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	12.3	Trust: 1.0
vendor:	apple	model:	tv software	scope:	lt	version:	7.3 earlier	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	12.3 earlier	Trust: 0.8
vendor:	apple	model:	macos high sierra	scope:	eq	version:	(security update 2019-003 not applied )	Trust: 0.8
vendor:	apple	model:	macos mojave	scope:	lt	version:	10.14.5 earlier	Trust: 0.8
vendor:	apple	model:	macos sierra	scope:	eq	version:	(security update 2019-003 not applied )	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	12.1.1 earlier	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	7.3 earlier	Trust: 0.8
vendor:	apple	model:	watchos	scope:	lt	version:	5.2.1 earlier	Trust: 0.8

sources: JVNDB: JVNDB-2019-003317 // NVD: CVE-2019-8626

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-8626
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-201905-537
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-160061
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2019-8626
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-8626
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
VULHUB:	VHN-160061
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-8626
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-160061 // VULMON: CVE-2019-8626 // CNNVD: CNNVD-201905-537 // NVD: CVE-2019-8626

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.1

sources: VULHUB: VHN-160061 // NVD: CVE-2019-8626

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-537

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201905-537

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-003317

PATCH

title:	About the security content of iOS 12.3	url:	https://support.apple.com/en-us/HT210118	Trust: 0.8
title:	About the security content of Safari 12.1.1	url:	https://support.apple.com/en-us/HT210123	Trust: 0.8
title:	About the security content of Apple TV Software 7.3	url:	https://support.apple.com/en-us/HT210121	Trust: 0.8
title:	About the security content of tvOS 12.3	url:	https://support.apple.com/en-us/HT210120	Trust: 0.8
title:	About the security content of watchOS 5.2.1	url:	https://support.apple.com/en-us/HT210122	Trust: 0.8
title:	About the security content of macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra	url:	https://support.apple.com/en-us/HT210119	Trust: 0.8
title:	Apple iOS and Apple watchOS Mail Fixes for component input validation error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92693	Trust: 0.6
title:	Threatpost	url:	https://threatpost.com/apple-patches-intel-side-channel-ios-macos/144743/	Trust: 0.1

sources: VULMON: CVE-2019-8626 // JVNDB: JVNDB-2019-003317 // CNNVD: CNNVD-201905-537

EXTERNAL IDS

db:	NVD	id:	CVE-2019-8626	Trust: 2.7
db:	JVN	id:	JVNVU93988385	Trust: 0.8
db:	JVNDB	id:	JVNDB-2019-003317	Trust: 0.8
db:	CNNVD	id:	CNNVD-201905-537	Trust: 0.7
db:	PACKETSTORM	id:	152847	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.1697	Trust: 0.6
db:	VULHUB	id:	VHN-160061	Trust: 0.1
db:	VULMON	id:	CVE-2019-8626	Trust: 0.1

sources: VULHUB: VHN-160061 // VULMON: CVE-2019-8626 // JVNDB: JVNDB-2019-003317 // PACKETSTORM: 152847 // CNNVD: CNNVD-201905-537 // NVD: CVE-2019-8626

REFERENCES

url:	https://support.apple.com/ht210118	Trust: 1.8
url:	https://support.apple.com/ht210122	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8626	Trust: 1.5
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8622	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8613	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8591	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8620	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8560	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8593	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8568	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8574	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8576	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8585	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8637	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8634	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8576	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8604	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8637	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8635	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8585	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8606	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8622	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8589	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8616	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8613	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8590	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8617	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8620	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8611	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8591	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8626	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8610	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8560	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8593	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8629	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8609	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8568	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8599	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8630	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8574	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8603	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu93988385/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8590	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8617	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8611	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8610	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8599	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8629	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8609	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8603	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8630	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8604	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8634	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8606	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8635	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8589	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8616	Trust: 0.8
url:	https://support.apple.com/en-au/ht210122	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/80842	Trust: 0.6
url:	https://packetstormsecurity.com/files/152847/apple-security-advisory-2019-5-13-4.html	Trust: 0.6
url:	https://support.apple.com/en-us/ht210118	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://seclists.org/fulldisclosure/2019/may/23	Trust: 0.1
url:	https://threatpost.com/apple-patches-intel-side-channel-ios-macos/144743/	Trust: 0.1
url:	https://support.apple.com/kb/ht204641	Trust: 0.1
url:	https://support.apple.com/kb/ht201222	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8598	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8607	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8623	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8601	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8583	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8602	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8605	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8577	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8600	Trust: 0.1

sources: VULHUB: VHN-160061 // VULMON: CVE-2019-8626 // JVNDB: JVNDB-2019-003317 // PACKETSTORM: 152847 // CNNVD: CNNVD-201905-537 // NVD: CVE-2019-8626

CREDITS

Apple

Trust: 0.7

sources: PACKETSTORM: 152847 // CNNVD: CNNVD-201905-537

SOURCES

db:	VULHUB	id:	VHN-160061
db:	VULMON	id:	CVE-2019-8626
db:	JVNDB	id:	JVNDB-2019-003317
db:	PACKETSTORM	id:	152847
db:	CNNVD	id:	CNNVD-201905-537
db:	NVD	id:	CVE-2019-8626

LAST UPDATE DATE

2024-11-23T19:34:59.746000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-160061	date:	2019-12-20T00:00:00
db:	VULMON	id:	CVE-2019-8626	date:	2019-12-20T00:00:00
db:	JVNDB	id:	JVNDB-2019-003317	date:	2020-01-07T00:00:00
db:	CNNVD	id:	CNNVD-201905-537	date:	2021-10-29T00:00:00
db:	NVD	id:	CVE-2019-8626	date:	2024-11-21T04:50:11.783

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-160061	date:	2019-12-18T00:00:00
db:	VULMON	id:	CVE-2019-8626	date:	2019-12-18T00:00:00
db:	JVNDB	id:	JVNDB-2019-003317	date:	2019-05-15T00:00:00
db:	PACKETSTORM	id:	152847	date:	2019-05-14T00:29:10
db:	CNNVD	id:	CNNVD-201905-537	date:	2019-05-14T00:00:00
db:	NVD	id:	CVE-2019-8626	date:	2019-12-18T18:15:30.257