VARIoT IoT vulnerabilities database
| VAR-201909-1550 | No CVE | DELTA AS332T AS300_PSJ_0 Denial of service vulnerability |
CVSS V2: 6.1 CVSS V3: - Severity: MEDIUM |
Delta's AS series PLCs are general-purpose controllers designed for automation equipment.
DELTA AS332T AS300_PSJ_0 has a denial of service vulnerability. An attacker could exploit this vulnerability to cause a denial of service
| VAR-201909-0903 | CVE-2019-16920 | Multiple D-Link routers vulnerable to remote command execution |
CVSS V2: 10.0 CVSS V3: 9.8 Severity: CRITICAL |
Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who successfully triggers the command injection could achieve full system compromise. Later, it was independently found that these are also affected: DIR-855L, DAP-1533, DIR-862L, DIR-615, DIR-835, and DIR-825. plural D-Link The product includes OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. D-Link DIR-655C, etc. are all wireless routers from Taiwan D-Link. Attackers can use this vulnerability to inject commands to invade the system. The following products and versions are affected: D-Link DIR-655C; DIR-866L; DIR-652; DHP-1565, etc.
Exploiting this issue could allow an malicious user to execute arbitrary commands in the context of the affected device. Failed exploit attempts will likely result in denial-of-service conditions
| VAR-201912-0638 | CVE-2019-8674 | iOS and Safari Logic vulnerability in |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
A logic issue was addressed with improved state management. This issue is fixed in iOS 13, Safari 13. Processing maliciously crafted web content may lead to universal cross site scripting. Both Apple Safari and Apple iOS are products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices. Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. WebKit Page Loading is one of the page loading components. A security vulnerability exists in the WebKit Page Loading component in Apple iOS versions prior to 13 and Apple Safari versions prior to 13. WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded. (CVE-2019-6237)
WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. (CVE-2019-8719)
This fixes a remote code execution in webkitgtk4. No further details are available in NIST. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. (CVE-2019-8766)
"Clear History and Website Data" did not clear the history. A user may be unable to delete browsing history items. (CVE-2019-8768)
An issue existed in the drawing of web page elements. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8846)
WebKitGTK up to and including 2.26.4 and WPE WebKit up to and including 2.26.4 (which are the versions right prior to 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. (CVE-2020-10018)
A use-after-free flaw exists in WebKitGTK. This flaw allows remote malicious users to execute arbitrary code or cause a denial of service. A malicious website may be able to cause a denial of service. A DOM object context may not have had a unique security origin. A file URL may be incorrectly processed. (CVE-2020-3885)
A race condition was addressed with additional validation. An application may be able to read restricted memory. A remote attacker may be able to cause arbitrary code execution. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3902). -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: webkitgtk4 security, bug fix, and enhancement update
Advisory ID: RHSA-2020:4035-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4035
Issue date: 2020-09-29
CVE Names: CVE-2019-6237 CVE-2019-6251 CVE-2019-8506
CVE-2019-8524 CVE-2019-8535 CVE-2019-8536
CVE-2019-8544 CVE-2019-8551 CVE-2019-8558
CVE-2019-8559 CVE-2019-8563 CVE-2019-8571
CVE-2019-8583 CVE-2019-8584 CVE-2019-8586
CVE-2019-8587 CVE-2019-8594 CVE-2019-8595
CVE-2019-8596 CVE-2019-8597 CVE-2019-8601
CVE-2019-8607 CVE-2019-8608 CVE-2019-8609
CVE-2019-8610 CVE-2019-8611 CVE-2019-8615
CVE-2019-8619 CVE-2019-8622 CVE-2019-8623
CVE-2019-8625 CVE-2019-8644 CVE-2019-8649
CVE-2019-8658 CVE-2019-8666 CVE-2019-8669
CVE-2019-8671 CVE-2019-8672 CVE-2019-8673
CVE-2019-8674 CVE-2019-8676 CVE-2019-8677
CVE-2019-8678 CVE-2019-8679 CVE-2019-8680
CVE-2019-8681 CVE-2019-8683 CVE-2019-8684
CVE-2019-8686 CVE-2019-8687 CVE-2019-8688
CVE-2019-8689 CVE-2019-8690 CVE-2019-8707
CVE-2019-8710 CVE-2019-8719 CVE-2019-8720
CVE-2019-8726 CVE-2019-8733 CVE-2019-8735
CVE-2019-8743 CVE-2019-8763 CVE-2019-8764
CVE-2019-8765 CVE-2019-8766 CVE-2019-8768
CVE-2019-8769 CVE-2019-8771 CVE-2019-8782
CVE-2019-8783 CVE-2019-8808 CVE-2019-8811
CVE-2019-8812 CVE-2019-8813 CVE-2019-8814
CVE-2019-8815 CVE-2019-8816 CVE-2019-8819
CVE-2019-8820 CVE-2019-8821 CVE-2019-8822
CVE-2019-8823 CVE-2019-8835 CVE-2019-8844
CVE-2019-8846 CVE-2019-11070 CVE-2020-3862
CVE-2020-3864 CVE-2020-3865 CVE-2020-3867
CVE-2020-3868 CVE-2020-3885 CVE-2020-3894
CVE-2020-3895 CVE-2020-3897 CVE-2020-3899
CVE-2020-3900 CVE-2020-3901 CVE-2020-3902
CVE-2020-10018 CVE-2020-11793
====================================================================
1. Summary:
An update for webkitgtk4 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch
3. Description:
WebKitGTK+ is port of the WebKit portable web rendering engine to the GTK+
platform. These packages provide WebKitGTK+ for GTK+ 3.
The following packages have been upgraded to a later upstream version:
webkitgtk4 (2.28.2). (BZ#1817144)
Security Fix(es):
* webkitgtk: Multiple security issues (CVE-2019-6237, CVE-2019-6251,
CVE-2019-8506, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8544,
CVE-2019-8551, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563, CVE-2019-8571,
CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594,
CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8601, CVE-2019-8607,
CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615,
CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8625, CVE-2019-8644,
CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671,
CVE-2019-8672, CVE-2019-8673, CVE-2019-8674, CVE-2019-8676, CVE-2019-8677,
CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683,
CVE-2019-8684, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689,
CVE-2019-8690, CVE-2019-8707, CVE-2019-8710, CVE-2019-8719, CVE-2019-8720,
CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8743, CVE-2019-8763,
CVE-2019-8764, CVE-2019-8765, CVE-2019-8766, CVE-2019-8768, CVE-2019-8769,
CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811,
CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816,
CVE-2019-8819, CVE-2019-8820, CVE-2019-8821, CVE-2019-8822, CVE-2019-8823,
CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2019-11070, CVE-2020-3862,
CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885,
CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900,
CVE-2020-3901, CVE-2020-3902, CVE-2020-10018, CVE-2020-11793)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.9 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
x86_64:
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
ppc64:
webkitgtk4-2.28.2-2.el7.ppc.rpm
webkitgtk4-2.28.2-2.el7.ppc64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64.rpm
ppc64le:
webkitgtk4-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-2.28.2-2.el7.ppc64le.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64le.rpm
s390x:
webkitgtk4-2.28.2-2.el7.s390.rpm
webkitgtk4-2.28.2-2.el7.s390x.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-2.28.2-2.el7.s390x.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
ppc64:
webkitgtk4-debuginfo-2.28.2-2.el7.ppc.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.ppc64.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-devel-2.28.2-2.el7.ppc64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.ppc64.rpm
s390x:
webkitgtk4-debuginfo-2.28.2-2.el7.s390.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.s390x.rpm
webkitgtk4-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-devel-2.28.2-2.el7.s390x.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.s390x.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
webkitgtk4-2.28.2-2.el7.src.rpm
x86_64:
webkitgtk4-2.28.2-2.el7.i686.rpm
webkitgtk4-2.28.2-2.el7.x86_64.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.i686.rpm
webkitgtk4-debuginfo-2.28.2-2.el7.x86_64.rpm
webkitgtk4-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-devel-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpm
webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch:
webkitgtk4-doc-2.28.2-2.el7.noarch.rpm
These packages are GPG signed by Red Hat for security. References:
https://access.redhat.com/security/cve/CVE-2019-6237
https://access.redhat.com/security/cve/CVE-2019-6251
https://access.redhat.com/security/cve/CVE-2019-8506
https://access.redhat.com/security/cve/CVE-2019-8524
https://access.redhat.com/security/cve/CVE-2019-8535
https://access.redhat.com/security/cve/CVE-2019-8536
https://access.redhat.com/security/cve/CVE-2019-8544
https://access.redhat.com/security/cve/CVE-2019-8551
https://access.redhat.com/security/cve/CVE-2019-8558
https://access.redhat.com/security/cve/CVE-2019-8559
https://access.redhat.com/security/cve/CVE-2019-8563
https://access.redhat.com/security/cve/CVE-2019-8571
https://access.redhat.com/security/cve/CVE-2019-8583
https://access.redhat.com/security/cve/CVE-2019-8584
https://access.redhat.com/security/cve/CVE-2019-8586
https://access.redhat.com/security/cve/CVE-2019-8587
https://access.redhat.com/security/cve/CVE-2019-8594
https://access.redhat.com/security/cve/CVE-2019-8595
https://access.redhat.com/security/cve/CVE-2019-8596
https://access.redhat.com/security/cve/CVE-2019-8597
https://access.redhat.com/security/cve/CVE-2019-8601
https://access.redhat.com/security/cve/CVE-2019-8607
https://access.redhat.com/security/cve/CVE-2019-8608
https://access.redhat.com/security/cve/CVE-2019-8609
https://access.redhat.com/security/cve/CVE-2019-8610
https://access.redhat.com/security/cve/CVE-2019-8611
https://access.redhat.com/security/cve/CVE-2019-8615
https://access.redhat.com/security/cve/CVE-2019-8619
https://access.redhat.com/security/cve/CVE-2019-8622
https://access.redhat.com/security/cve/CVE-2019-8623
https://access.redhat.com/security/cve/CVE-2019-8625
https://access.redhat.com/security/cve/CVE-2019-8644
https://access.redhat.com/security/cve/CVE-2019-8649
https://access.redhat.com/security/cve/CVE-2019-8658
https://access.redhat.com/security/cve/CVE-2019-8666
https://access.redhat.com/security/cve/CVE-2019-8669
https://access.redhat.com/security/cve/CVE-2019-8671
https://access.redhat.com/security/cve/CVE-2019-8672
https://access.redhat.com/security/cve/CVE-2019-8673
https://access.redhat.com/security/cve/CVE-2019-8674
https://access.redhat.com/security/cve/CVE-2019-8676
https://access.redhat.com/security/cve/CVE-2019-8677
https://access.redhat.com/security/cve/CVE-2019-8678
https://access.redhat.com/security/cve/CVE-2019-8679
https://access.redhat.com/security/cve/CVE-2019-8680
https://access.redhat.com/security/cve/CVE-2019-8681
https://access.redhat.com/security/cve/CVE-2019-8683
https://access.redhat.com/security/cve/CVE-2019-8684
https://access.redhat.com/security/cve/CVE-2019-8686
https://access.redhat.com/security/cve/CVE-2019-8687
https://access.redhat.com/security/cve/CVE-2019-8688
https://access.redhat.com/security/cve/CVE-2019-8689
https://access.redhat.com/security/cve/CVE-2019-8690
https://access.redhat.com/security/cve/CVE-2019-8707
https://access.redhat.com/security/cve/CVE-2019-8710
https://access.redhat.com/security/cve/CVE-2019-8719
https://access.redhat.com/security/cve/CVE-2019-8720
https://access.redhat.com/security/cve/CVE-2019-8726
https://access.redhat.com/security/cve/CVE-2019-8733
https://access.redhat.com/security/cve/CVE-2019-8735
https://access.redhat.com/security/cve/CVE-2019-8743
https://access.redhat.com/security/cve/CVE-2019-8763
https://access.redhat.com/security/cve/CVE-2019-8764
https://access.redhat.com/security/cve/CVE-2019-8765
https://access.redhat.com/security/cve/CVE-2019-8766
https://access.redhat.com/security/cve/CVE-2019-8768
https://access.redhat.com/security/cve/CVE-2019-8769
https://access.redhat.com/security/cve/CVE-2019-8771
https://access.redhat.com/security/cve/CVE-2019-8782
https://access.redhat.com/security/cve/CVE-2019-8783
https://access.redhat.com/security/cve/CVE-2019-8808
https://access.redhat.com/security/cve/CVE-2019-8811
https://access.redhat.com/security/cve/CVE-2019-8812
https://access.redhat.com/security/cve/CVE-2019-8813
https://access.redhat.com/security/cve/CVE-2019-8814
https://access.redhat.com/security/cve/CVE-2019-8815
https://access.redhat.com/security/cve/CVE-2019-8816
https://access.redhat.com/security/cve/CVE-2019-8819
https://access.redhat.com/security/cve/CVE-2019-8820
https://access.redhat.com/security/cve/CVE-2019-8821
https://access.redhat.com/security/cve/CVE-2019-8822
https://access.redhat.com/security/cve/CVE-2019-8823
https://access.redhat.com/security/cve/CVE-2019-8835
https://access.redhat.com/security/cve/CVE-2019-8844
https://access.redhat.com/security/cve/CVE-2019-8846
https://access.redhat.com/security/cve/CVE-2019-11070
https://access.redhat.com/security/cve/CVE-2020-3862
https://access.redhat.com/security/cve/CVE-2020-3864
https://access.redhat.com/security/cve/CVE-2020-3865
https://access.redhat.com/security/cve/CVE-2020-3867
https://access.redhat.com/security/cve/CVE-2020-3868
https://access.redhat.com/security/cve/CVE-2020-3885
https://access.redhat.com/security/cve/CVE-2020-3894
https://access.redhat.com/security/cve/CVE-2020-3895
https://access.redhat.com/security/cve/CVE-2020-3897
https://access.redhat.com/security/cve/CVE-2020-3899
https://access.redhat.com/security/cve/CVE-2020-3900
https://access.redhat.com/security/cve/CVE-2020-3901
https://access.redhat.com/security/cve/CVE-2020-3902
https://access.redhat.com/security/cve/CVE-2020-10018
https://access.redhat.com/security/cve/CVE-2020-11793
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
Installation note:
Safari 13 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-6 Additional information
for APPLE-SA-2019-9-26-3 iOS 13
iOS 13 addresses the following:
Bluetooth
Available for: iPhone 6s and later
Impact: Notification previews may show on Bluetooth accessories even
when previews are disabled
Description: A logic issue existed with the display of notification
previews.
CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland
Entry added October 29, 2019
CoreAudio
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted movie may result in the
disclosure of process memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
CoreCrypto
Available for: iPhone 6s and later
Impact: Processing a large input may lead to a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2019-8825: Found by GWP-ASan in Google Chrome
Entry added October 29, 2019
Face ID
Available for: iPhone 6s and later
Impact: A 3D model constructed to look like the enrolled user may
authenticate via Face ID
Description: This issue was addressed by improving Face ID machine
learning models.
CVE-2019-8760: Wish Wu (吴潍浠 @wish_wu) of Ant-financial
Light-Year Security Lab
Foundation
Available for: iPhone 6s and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project
Zero
CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project
Zero
Entry added October 29, 2019
IOUSBDeviceFamily
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8718: Joshua Hill and Sem Voigtländer
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A local app may be able to read a persistent account
identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8709: derrek (@derrekr6)
[confirmed]derrek (@derrekr6)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8717: Jann Horn of Google Project Zero
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8712: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
Entry added October 29, 2019
Keyboards
Available for: iPhone 6s and later
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved
state management.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
Entry added October 29, 2019
Messages
Available for: iPhone 6s and later
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
CVE-2019-8742: videosdebarraquito
Notes
Available for: iPhone 6s and later
Impact: A local user may be able to view a user's locked notes
Description: The contents of locked notes sometimes appeared in
search results.
CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia
Polytechnic Institute and State University
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8715: an anonymous researcher
Entry added October 29, 2019
Quick Look
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted file may disclose user
information
Description: A permissions issue existed in which execute permission
was incorrectly granted.
CVE-2019-8731: Saif Hamed Hamdan Al Hinai of Oman National CERT,
Yiğit Can YILMAZ (@yilmazcanyigit)
Safari
Available for: iPhone 6s and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Maliciously crafted web content may violate iframe sandboxing
policy
Description: This issue was addressed with improved iframe sandbox
enforcement.
CVE-2019-8707: an anonymous researcher working with Trend Micro's
Zero Day Initiative, cc working with Trend Micro Zero Day Initiative
CVE-2019-8726: Jihui Lu of Tencent KeenLab
CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of
ABLY Corporation
CVE-2019-8733: Sergei Glazunov of Google Project Zero
CVE-2019-8734: found by OSS-Fuzz
CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: A user may be unable to delete browsing history items
Description: "Clear History and Website Data" did not clear the
history.
CVE-2019-8768: Hugo S.
CVE-2019-8625: Sergei Glazunov of Google Project Zero
CVE-2019-8719: Sergei Glazunov of Google Project Zero
CVE-2019-8764: Sergei Glazunov of Google Project Zero
Entry added October 29, 2019
WebKit Page Loading
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8674: Sergei Glazunov of Google Project Zero
Additional recognition
AppleRTC
We would like to acknowledge Vitaly Cheptsov for their assistance.
Audio
We would like to acknowledge riusksk of VulWar Corp working with
Trend Micro's Zero Day Initiative for their assistance.
Bluetooth
We would like to acknowledge Jan Ruge of TU Darmstadt, Secure Mobile
Networking Lab, Jiska Classen of TU Darmstadt, Secure Mobile
Networking Lab, Francesco Gringoli of University of Brescia, Dennis
Heinze of TU Darmstadt, Secure Mobile Networking Lab for their
assistance.
boringssl
We would like to acknowledge Thijs Alkemade (@xnyhps) of Computest
for their assistance.
Control Center
We would like to acknowledge Brandon Sellers for their assistance.
HomeKit
We would like to acknowledge Tian Zhang for their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Keyboard
We would like to acknowledge an anonymous researcher for their
assistance.
Mail
We would like to acknowledge Kenneth Hyndycz for their assistance.
mDNSResponder
We would like to acknowledge Gregor Lang of e.solutions GmbH for
their assistance.
Profiles
We would like to acknowledge Erik Johnson of Vernon Hills High School
and James Seeley (@Code4iOS) of Shriver Job Corps for their
assistance.
SafariViewController
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
WebKit
We would like to acknowledge MinJeong Kim of Information Security
Lab, Chungnam National University, JaeCheol Ryou of the Information
Security Lab, Chungnam National University in South Korea, Yiğit Can
YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an
anonymous researcher, and cc working with Trend Micro's Zero Day
Initiative for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24s3oACgkQBz4uGe3y
0M1GMxAAnwBO9htU2i7+SHsXiEt2xJbjilLMM9V5LObjUWqaHXOxdQuYiPxFy9lR
neTOHwR2z1f3L3UPkGut28i24w7fwHVBdFh7w5p5RXlBf7tcRmFhKBUkYIhQ90Qj
jO6DXiCL9InCBVs2nW9Fr4yYV13kdoES6MfguyldGVpQMkyUcZ3F2XK0RCHNqEgz
h+1dR/uws3Ce+HNbb7wnqe4UzAI5DJUR/vH98+fWTl5P6CCaoZrv53vaxErLRBXi
gn/4rtzw+wDlThlrpkE5MwxmvLMF2ZqjUhOSVzKb3qXK+RFgE9FH8SKEBKkCxAa+
8/vZu+zdbN6KCzO608TXH9rNO2LbtQqTlO/jHGTJ30UEaKo9PyFozGkCE6XkWmFU
xtayVkSL08drJEgm+CB80g//hr2CESF0fMHFe8yQYeN2uL5yQxoavyub8E/nPKn1
v32Z6Z2fpGzP3eCLYbV93cBcdJaeXTdib47vvodyYFfFEja7xrv0AvPAbSSm98DK
VtFw3eNAKRbmIEAeY4b1uhdB+qUiqMEWqh0sd97+chY2Do90/4IG/3caLc0pTpDt
huDUQs/IbSujrdjCWSfz35qU4u9sxPpM8wQR2M7mdfY9qGp+Xgfh/MprSZ4wOuS3
PAAs5Pdr9GfymsB+CDpMEr+DiTOza6SUjIadZ+j2FWaklzg7h1A=
=NYIZ
-----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202003-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: WebkitGTK+: Multiple vulnerabilities
Date: March 15, 2020
Bugs: #699156, #706374, #709612
ID: 202003-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
========
Multiple vulnerabilities have been found in WebKitGTK+, the worst of
which may lead to arbitrary code execution.
Affected packages
=================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/webkit-gtk < 2.26.4 >= 2.26.4
Description
===========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the referenced CVE identifiers for details.
Workaround
==========
There is no known workaround at this time.
Resolution
==========
All WebkitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.26.4"
References
==========
[ 1 ] CVE-2019-8625
https://nvd.nist.gov/vuln/detail/CVE-2019-8625
[ 2 ] CVE-2019-8674
https://nvd.nist.gov/vuln/detail/CVE-2019-8674
[ 3 ] CVE-2019-8707
https://nvd.nist.gov/vuln/detail/CVE-2019-8707
[ 4 ] CVE-2019-8710
https://nvd.nist.gov/vuln/detail/CVE-2019-8710
[ 5 ] CVE-2019-8719
https://nvd.nist.gov/vuln/detail/CVE-2019-8719
[ 6 ] CVE-2019-8720
https://nvd.nist.gov/vuln/detail/CVE-2019-8720
[ 7 ] CVE-2019-8726
https://nvd.nist.gov/vuln/detail/CVE-2019-8726
[ 8 ] CVE-2019-8733
https://nvd.nist.gov/vuln/detail/CVE-2019-8733
[ 9 ] CVE-2019-8735
https://nvd.nist.gov/vuln/detail/CVE-2019-8735
[ 10 ] CVE-2019-8743
https://nvd.nist.gov/vuln/detail/CVE-2019-8743
[ 11 ] CVE-2019-8763
https://nvd.nist.gov/vuln/detail/CVE-2019-8763
[ 12 ] CVE-2019-8764
https://nvd.nist.gov/vuln/detail/CVE-2019-8764
[ 13 ] CVE-2019-8765
https://nvd.nist.gov/vuln/detail/CVE-2019-8765
[ 14 ] CVE-2019-8766
https://nvd.nist.gov/vuln/detail/CVE-2019-8766
[ 15 ] CVE-2019-8768
https://nvd.nist.gov/vuln/detail/CVE-2019-8768
[ 16 ] CVE-2019-8769
https://nvd.nist.gov/vuln/detail/CVE-2019-8769
[ 17 ] CVE-2019-8771
https://nvd.nist.gov/vuln/detail/CVE-2019-8771
[ 18 ] CVE-2019-8782
https://nvd.nist.gov/vuln/detail/CVE-2019-8782
[ 19 ] CVE-2019-8783
https://nvd.nist.gov/vuln/detail/CVE-2019-8783
[ 20 ] CVE-2019-8808
https://nvd.nist.gov/vuln/detail/CVE-2019-8808
[ 21 ] CVE-2019-8811
https://nvd.nist.gov/vuln/detail/CVE-2019-8811
[ 22 ] CVE-2019-8812
https://nvd.nist.gov/vuln/detail/CVE-2019-8812
[ 23 ] CVE-2019-8813
https://nvd.nist.gov/vuln/detail/CVE-2019-8813
[ 24 ] CVE-2019-8814
https://nvd.nist.gov/vuln/detail/CVE-2019-8814
[ 25 ] CVE-2019-8815
https://nvd.nist.gov/vuln/detail/CVE-2019-8815
[ 26 ] CVE-2019-8816
https://nvd.nist.gov/vuln/detail/CVE-2019-8816
[ 27 ] CVE-2019-8819
https://nvd.nist.gov/vuln/detail/CVE-2019-8819
[ 28 ] CVE-2019-8820
https://nvd.nist.gov/vuln/detail/CVE-2019-8820
[ 29 ] CVE-2019-8821
https://nvd.nist.gov/vuln/detail/CVE-2019-8821
[ 30 ] CVE-2019-8822
https://nvd.nist.gov/vuln/detail/CVE-2019-8822
[ 31 ] CVE-2019-8823
https://nvd.nist.gov/vuln/detail/CVE-2019-8823
[ 32 ] CVE-2019-8835
https://nvd.nist.gov/vuln/detail/CVE-2019-8835
[ 33 ] CVE-2019-8844
https://nvd.nist.gov/vuln/detail/CVE-2019-8844
[ 34 ] CVE-2019-8846
https://nvd.nist.gov/vuln/detail/CVE-2019-8846
[ 35 ] CVE-2020-3862
https://nvd.nist.gov/vuln/detail/CVE-2020-3862
[ 36 ] CVE-2020-3864
https://nvd.nist.gov/vuln/detail/CVE-2020-3864
[ 37 ] CVE-2020-3865
https://nvd.nist.gov/vuln/detail/CVE-2020-3865
[ 38 ] CVE-2020-3867
https://nvd.nist.gov/vuln/detail/CVE-2020-3867
[ 39 ] CVE-2020-3868
https://nvd.nist.gov/vuln/detail/CVE-2020-3868
Availability
============
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202003-22
Concerns?
=========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
=======
Copyright 2020 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
| VAR-201912-0580 | CVE-2019-8654 | Safari Inconsistent user interface vulnerability |
CVSS V2: 4.3 CVSS V3: 6.5 Severity: MEDIUM |
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.1. Visiting a malicious website may lead to user interface spoofing. Apple Safari is a web browser of Apple (Apple), the default browser included with Mac OS X and iOS operating systems. A security vulnerability exists in versions of Apple Safari prior to 13.0.1.
CVE-2019-8654: Juno Im (@junorouse) of Theori
Service Workers
Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6
Impact: Service workers may leak private browsing history
Description: The issue was addressed with improved handling of
service worker lifetime.
CVE-2019-8725: Michael Thwaite of Connect Media
Additional recognition
Safari
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) of
TurkishKit for their assistance.
Installation note:
Safari 13.0.1 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2NGWkACgkQBz4uGe3y
0M1rohAAqaD5bYeP305cUxNucHOv/KOKf6LVk2GK71oLTgIHTGKInLKCD3xZ7Ml/
jOYFbMFDbDyi/lTepa5+yAWcvuB40T7AqstwnG/Ntwzi1LfCRnCHE60lZ/6ACLCC
SB0KRxrhWwgUiZamtSRVeg4ZzDn/5sYwzQgmWx8Oa+/31Ch6TgyvGmljG4vt2Ijx
Vvnvml7IY/glnp53XsmkkvXwr6gOYEA8oFPPaBQnkDQl9voUQhWvZ2HvqZSxJ8NB
Mwj77QOPnNnFNp4Av0CI8tAWZbH6SPpkZZ12OwX2cAyXfa25ptolSOHp51Fs6X+Y
fiOUr1L8ozxTM4vr2MlQYQw6enQ6qyp48hfBWzq6aEpuXJ/BMbfTqnf9rZYdRUpA
Lsxp4CaE6wlrdZXuL2Cj6aiLzvHCiROpGuJrKNBMZqShGjB6q5gTPqWRueeKRH+W
+ywhftihfw+MpiHd56dat+iOFKDfnSmSkRya85sLbN0UNMSJzRb8sdPWBZ2KCwWk
xkyUDaDaVQaEj17FQ18hUrBX38wjpp9yD7nDNcQdr60P0Xm2eCt0lspwiCE3gl1p
DfZiCC1QROE6zIZJktTy9ygZcnBerFY60M7tN0qcf+x6vkfIska+CJChz14qd7+p
ag/jn1JHTThJFRenF1P6W70k8rWsHbv5VuyL9Mih0RX0UVBptes=
=gcEu
-----END PGP SIGNATURE-----
| VAR-201912-0560 | CVE-2019-8739 | Xcode Memory corruption vulnerability |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-9-26-7 Xcode 11.0
Xcode 11.0 addresses the following:
IDE SCM
Available for: macOS Mojave 10.14.4 and later
Impact: Multiple issues in libssh2
Description: Multiple issues were addressed by updating to version
2.16.
CVE-2019-3855: Chris Coulson
ld64
Available for: macOS Mojave 10.14.4 and later
Impact: Compiling code without proper input validation could lead to
arbitrary code execution with user privilege
Description: Multiple issues in ld64 in the Xcode toolchains were
addressed by updating to version ld64-507.4.
CVE-2019-8721: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8722: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8723: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8724: Pan ZhenPeng of Qihoo 360 Nirvan Team
otool
Available for: macOS Mojave 10.14.4 and later
Impact: Processing a maliciously crafted file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8738: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team
CVE-2019-8739: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team
Installation note:
Xcode 11.0 may be obtained from:
https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
* Select Xcode in the menu bar
* Select About Xcode
* The version after applying this update will be "11.0".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2NDI4ACgkQBz4uGe3y
0M3yBg//WnHzKci0fwo78s/jomFP1EcSVj8FQ5T3ycwITMK01X5WDyZUHJw4rHJH
l3NaJLFkjXXovzBl0aQzGHoRvOiYoMJeBCaZeix3dafLdA+6whZ8VREie4ncY31y
EI0KoPxBxocLu0WaMUmEatDJsGqQWWFy0Q4LGGmDyOIXnrRqWJrLE7Qmm6IvOr1Q
ViDpLeWzymHaAQiiXnpUR9nDvpCEA5irlbKzvmfA55FLzUYdh1RBJUjrsR+JcUJ0
IewyJD6FpFMzpOImQJ22oBArN++Fag6KjlmTDbmL1O2uCHbl1x71ZhOPBRhgWFkP
X3nXTYFLGM22SWzOjBn8el05AAfOmkuISP9219HEXfbAYZliTQw37L2VlZ86nCn2
A3F258d8m1UAOh7NGvsDN4WUQ/QD4PQ0OUPSzQtztMXHZwoSiF92fw6epCkH10dV
xb28tXuv4eI3aI2ncgf5fClOwsC6/IFeheTfimsL+6ccro2C1IiJvcMnBH7HBZ+9
k4Z414NOKlUsbhTX+8lcLKKzpN/WxppmyN01fIdwO2anu1IRXOI2D3TvRKFI+pkr
u4u/ohjf8lmCgoDPyAa4YDmiYu9I5qMb/CmLwwhdYjX2NeUBSEPb3Ctga6jwP6RH
/3kg2VAgACUG+nR08itzvCMwCzkILfiCSy6D9EkPed5aoPGIrP4=
=9Hep
-----END PGP SIGNATURE-----
| VAR-201912-0559 | CVE-2019-8738 | Xcode Memory corruption vulnerability |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
A memory corruption issue was addressed with improved state management. This issue is fixed in Xcode 11.0. Processing a maliciously crafted file may lead to arbitrary code execution. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. otool is one of the decompilation tools for Mac OS X applications. A security vulnerability exists in the otool component of Apple Xcode prior to 11.0. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-9-26-7 Xcode 11.0
Xcode 11.0 addresses the following:
IDE SCM
Available for: macOS Mojave 10.14.4 and later
Impact: Multiple issues in libssh2
Description: Multiple issues were addressed by updating to version
2.16.
CVE-2019-3855: Chris Coulson
ld64
Available for: macOS Mojave 10.14.4 and later
Impact: Compiling code without proper input validation could lead to
arbitrary code execution with user privilege
Description: Multiple issues in ld64 in the Xcode toolchains were
addressed by updating to version ld64-507.4.
CVE-2019-8721: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8722: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8723: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8724: Pan ZhenPeng of Qihoo 360 Nirvan Team
otool
Available for: macOS Mojave 10.14.4 and later
Impact: Processing a maliciously crafted file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8738: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team
CVE-2019-8739: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team
Installation note:
Xcode 11.0 may be obtained from:
https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
* Select Xcode in the menu bar
* Select About Xcode
* The version after applying this update will be "11.0".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2NDI4ACgkQBz4uGe3y
0M3yBg//WnHzKci0fwo78s/jomFP1EcSVj8FQ5T3ycwITMK01X5WDyZUHJw4rHJH
l3NaJLFkjXXovzBl0aQzGHoRvOiYoMJeBCaZeix3dafLdA+6whZ8VREie4ncY31y
EI0KoPxBxocLu0WaMUmEatDJsGqQWWFy0Q4LGGmDyOIXnrRqWJrLE7Qmm6IvOr1Q
ViDpLeWzymHaAQiiXnpUR9nDvpCEA5irlbKzvmfA55FLzUYdh1RBJUjrsR+JcUJ0
IewyJD6FpFMzpOImQJ22oBArN++Fag6KjlmTDbmL1O2uCHbl1x71ZhOPBRhgWFkP
X3nXTYFLGM22SWzOjBn8el05AAfOmkuISP9219HEXfbAYZliTQw37L2VlZ86nCn2
A3F258d8m1UAOh7NGvsDN4WUQ/QD4PQ0OUPSzQtztMXHZwoSiF92fw6epCkH10dV
xb28tXuv4eI3aI2ncgf5fClOwsC6/IFeheTfimsL+6ccro2C1IiJvcMnBH7HBZ+9
k4Z414NOKlUsbhTX+8lcLKKzpN/WxppmyN01fIdwO2anu1IRXOI2D3TvRKFI+pkr
u4u/ohjf8lmCgoDPyAa4YDmiYu9I5qMb/CmLwwhdYjX2NeUBSEPb3Ctga6jwP6RH
/3kg2VAgACUG+nR08itzvCMwCzkILfiCSy6D9EkPed5aoPGIrP4=
=9Hep
-----END PGP SIGNATURE-----
| VAR-201912-0561 | CVE-2019-8742 | iOS Lock screen vulnerability |
CVSS V2: 2.1 CVSS V3: 2.4 Severity: LOW |
The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13. A person with physical access to an iOS device may be able to access contacts from the lock screen. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Messages is one of the application components for sending texts, photos and videos. A security vulnerability exists in the Messages component in versions prior to Apple iOS 13. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-6 Additional information
for APPLE-SA-2019-9-26-3 iOS 13
iOS 13 addresses the following:
Bluetooth
Available for: iPhone 6s and later
Impact: Notification previews may show on Bluetooth accessories even
when previews are disabled
Description: A logic issue existed with the display of notification
previews.
CVE-2019-8711: Arjang of MARK ANTHONY GROUP INC., Cemil Ozkebapci
(@cemilozkebapci) of Garanti BBVA, Oguzhan Meral of Deloitte
Consulting, Ömer Bozdoğan-Ramazan Atıl Anadolu Lisesi
Adana/TÜRKİYE
CFNetwork
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: This issue was addressed with improved checks.
CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland
Entry added October 29, 2019
CoreAudio
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted movie may result in the
disclosure of process memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
CoreCrypto
Available for: iPhone 6s and later
Impact: Processing a large input may lead to a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2019-8741: Nicky Mouha of NIST
Entry added October 29, 2019
CoreMedia
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8825: Found by GWP-ASan in Google Chrome
Entry added October 29, 2019
Face ID
Available for: iPhone 6s and later
Impact: A 3D model constructed to look like the enrolled user may
authenticate via Face ID
Description: This issue was addressed by improving Face ID machine
learning models.
CVE-2019-8760: Wish Wu (吴潍浠 @wish_wu) of Ant-financial
Light-Year Security Lab
Foundation
Available for: iPhone 6s and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project
Zero
CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project
Zero
Entry added October 29, 2019
IOUSBDeviceFamily
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8718: Joshua Hill and Sem Voigtländer
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A local app may be able to read a persistent account
identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8709: derrek (@derrekr6)
[confirmed]derrek (@derrekr6)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8717: Jann Horn of Google Project Zero
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8712: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
Entry added October 29, 2019
Keyboards
Available for: iPhone 6s and later
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved
state management.
CVE-2019-8704: 王 邦 宇 (wAnyBug.Com) of SAINTSEC
libxml2
Available for: iPhone 6s and later
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8742: videosdebarraquito
Notes
Available for: iPhone 6s and later
Impact: A local user may be able to view a user's locked notes
Description: The contents of locked notes sometimes appeared in
search results.
CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia
Polytechnic Institute and State University
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8715: an anonymous researcher
Entry added October 29, 2019
Quick Look
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted file may disclose user
information
Description: A permissions issue existed in which execute permission
was incorrectly granted.
CVE-2019-8731: Saif Hamed Hamdan Al Hinai of Oman National CERT,
Yiğit Can YILMAZ (@yilmazcanyigit)
Safari
Available for: iPhone 6s and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2019-8727: Divyanshu Shukla (@justm0rph3u5)
UIFoundation
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Maliciously crafted web content may violate iframe sandboxing
policy
Description: This issue was addressed with improved iframe sandbox
enforcement.
CVE-2019-8771: Eliya Stein of Confiant
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8707: an anonymous researcher working with Trend Micro's
Zero Day Initiative, cc working with Trend Micro Zero Day Initiative
CVE-2019-8726: Jihui Lu of Tencent KeenLab
CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of
ABLY Corporation
CVE-2019-8733: Sergei Glazunov of Google Project Zero
CVE-2019-8734: found by OSS-Fuzz
CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: A user may be unable to delete browsing history items
Description: "Clear History and Website Data" did not clear the
history.
CVE-2019-8768: Hugo S. Diaz (coldpointblue)
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8625: Sergei Glazunov of Google Project Zero
CVE-2019-8719: Sergei Glazunov of Google Project Zero
CVE-2019-8764: Sergei Glazunov of Google Project Zero
Entry added October 29, 2019
WebKit Page Loading
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8674: Sergei Glazunov of Google Project Zero
Additional recognition
AppleRTC
We would like to acknowledge Vitaly Cheptsov for their assistance.
Audio
We would like to acknowledge riusksk of VulWar Corp working with
Trend Micro's Zero Day Initiative for their assistance.
Bluetooth
We would like to acknowledge Jan Ruge of TU Darmstadt, Secure Mobile
Networking Lab, Jiska Classen of TU Darmstadt, Secure Mobile
Networking Lab, Francesco Gringoli of University of Brescia, Dennis
Heinze of TU Darmstadt, Secure Mobile Networking Lab for their
assistance.
boringssl
We would like to acknowledge Thijs Alkemade (@xnyhps) of Computest
for their assistance.
Control Center
We would like to acknowledge Brandon Sellers for their assistance.
HomeKit
We would like to acknowledge Tian Zhang for their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Keyboard
We would like to acknowledge an anonymous researcher for their
assistance.
Mail
We would like to acknowledge Kenneth Hyndycz for their assistance.
mDNSResponder
We would like to acknowledge Gregor Lang of e.solutions GmbH for
their assistance.
Profiles
We would like to acknowledge Erik Johnson of Vernon Hills High School
and James Seeley (@Code4iOS) of Shriver Job Corps for their
assistance.
SafariViewController
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
WebKit
We would like to acknowledge MinJeong Kim of Information Security
Lab, Chungnam National University, JaeCheol Ryou of the Information
Security Lab, Chungnam National University in South Korea, Yiğit Can
YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an
anonymous researcher, and cc working with Trend Micro's Zero Day
Initiative for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24s3oACgkQBz4uGe3y
0M1GMxAAnwBO9htU2i7+SHsXiEt2xJbjilLMM9V5LObjUWqaHXOxdQuYiPxFy9lR
neTOHwR2z1f3L3UPkGut28i24w7fwHVBdFh7w5p5RXlBf7tcRmFhKBUkYIhQ90Qj
jO6DXiCL9InCBVs2nW9Fr4yYV13kdoES6MfguyldGVpQMkyUcZ3F2XK0RCHNqEgz
h+1dR/uws3Ce+HNbb7wnqe4UzAI5DJUR/vH98+fWTl5P6CCaoZrv53vaxErLRBXi
gn/4rtzw+wDlThlrpkE5MwxmvLMF2ZqjUhOSVzKb3qXK+RFgE9FH8SKEBKkCxAa+
8/vZu+zdbN6KCzO608TXH9rNO2LbtQqTlO/jHGTJ30UEaKo9PyFozGkCE6XkWmFU
xtayVkSL08drJEgm+CB80g//hr2CESF0fMHFe8yQYeN2uL5yQxoavyub8E/nPKn1
v32Z6Z2fpGzP3eCLYbV93cBcdJaeXTdib47vvodyYFfFEja7xrv0AvPAbSSm98DK
VtFw3eNAKRbmIEAeY4b1uhdB+qUiqMEWqh0sd97+chY2Do90/4IG/3caLc0pTpDt
huDUQs/IbSujrdjCWSfz35qU4u9sxPpM8wQR2M7mdfY9qGp+Xgfh/MprSZ4wOuS3
PAAs5Pdr9GfymsB+CDpMEr+DiTOza6SUjIadZ+j2FWaklzg7h1A=
=NYIZ
-----END PGP SIGNATURE-----
| VAR-201912-0558 | CVE-2019-8731 | iOS Permissions vulnerability |
CVSS V2: 4.3 CVSS V3: 5.5 Severity: MEDIUM |
A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. This issue is fixed in iOS 13. Processing a maliciously crafted file may disclose user information. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Quick Look is one of the components used to view common resource files. An authorization issue vulnerability exists in the Quick Look component in versions prior to Apple iOS 13. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-6 Additional information
for APPLE-SA-2019-9-26-3 iOS 13
iOS 13 addresses the following:
Bluetooth
Available for: iPhone 6s and later
Impact: Notification previews may show on Bluetooth accessories even
when previews are disabled
Description: A logic issue existed with the display of notification
previews.
CVE-2019-8711: Arjang of MARK ANTHONY GROUP INC., Cemil Ozkebapci
(@cemilozkebapci) of Garanti BBVA, Oguzhan Meral of Deloitte
Consulting, Ömer Bozdoğan-Ramazan Atıl Anadolu Lisesi
Adana/TÜRKİYE
CFNetwork
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: This issue was addressed with improved checks.
CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland
Entry added October 29, 2019
CoreAudio
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted movie may result in the
disclosure of process memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
CoreCrypto
Available for: iPhone 6s and later
Impact: Processing a large input may lead to a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2019-8741: Nicky Mouha of NIST
Entry added October 29, 2019
CoreMedia
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8825: Found by GWP-ASan in Google Chrome
Entry added October 29, 2019
Face ID
Available for: iPhone 6s and later
Impact: A 3D model constructed to look like the enrolled user may
authenticate via Face ID
Description: This issue was addressed by improving Face ID machine
learning models.
CVE-2019-8760: Wish Wu (吴潍浠 @wish_wu) of Ant-financial
Light-Year Security Lab
Foundation
Available for: iPhone 6s and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project
Zero
CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project
Zero
Entry added October 29, 2019
IOUSBDeviceFamily
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8718: Joshua Hill and Sem Voigtländer
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A local app may be able to read a persistent account
identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8709: derrek (@derrekr6)
[confirmed]derrek (@derrekr6)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8717: Jann Horn of Google Project Zero
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8712: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
Entry added October 29, 2019
Keyboards
Available for: iPhone 6s and later
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved
state management.
CVE-2019-8704: 王 邦 宇 (wAnyBug.Com) of SAINTSEC
libxml2
Available for: iPhone 6s and later
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
Entry added October 29, 2019
Messages
Available for: iPhone 6s and later
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
CVE-2019-8742: videosdebarraquito
Notes
Available for: iPhone 6s and later
Impact: A local user may be able to view a user's locked notes
Description: The contents of locked notes sometimes appeared in
search results.
CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia
Polytechnic Institute and State University
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8715: an anonymous researcher
Entry added October 29, 2019
Quick Look
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted file may disclose user
information
Description: A permissions issue existed in which execute permission
was incorrectly granted.
CVE-2019-8731: Saif Hamed Hamdan Al Hinai of Oman National CERT,
Yiğit Can YILMAZ (@yilmazcanyigit)
Safari
Available for: iPhone 6s and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2019-8727: Divyanshu Shukla (@justm0rph3u5)
UIFoundation
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Maliciously crafted web content may violate iframe sandboxing
policy
Description: This issue was addressed with improved iframe sandbox
enforcement.
CVE-2019-8771: Eliya Stein of Confiant
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8707: an anonymous researcher working with Trend Micro's
Zero Day Initiative, cc working with Trend Micro Zero Day Initiative
CVE-2019-8726: Jihui Lu of Tencent KeenLab
CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of
ABLY Corporation
CVE-2019-8733: Sergei Glazunov of Google Project Zero
CVE-2019-8734: found by OSS-Fuzz
CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: A user may be unable to delete browsing history items
Description: "Clear History and Website Data" did not clear the
history.
CVE-2019-8768: Hugo S. Diaz (coldpointblue)
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8625: Sergei Glazunov of Google Project Zero
CVE-2019-8719: Sergei Glazunov of Google Project Zero
CVE-2019-8764: Sergei Glazunov of Google Project Zero
Entry added October 29, 2019
WebKit Page Loading
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8674: Sergei Glazunov of Google Project Zero
Additional recognition
AppleRTC
We would like to acknowledge Vitaly Cheptsov for their assistance.
Audio
We would like to acknowledge riusksk of VulWar Corp working with
Trend Micro's Zero Day Initiative for their assistance.
Bluetooth
We would like to acknowledge Jan Ruge of TU Darmstadt, Secure Mobile
Networking Lab, Jiska Classen of TU Darmstadt, Secure Mobile
Networking Lab, Francesco Gringoli of University of Brescia, Dennis
Heinze of TU Darmstadt, Secure Mobile Networking Lab for their
assistance.
boringssl
We would like to acknowledge Thijs Alkemade (@xnyhps) of Computest
for their assistance.
Control Center
We would like to acknowledge Brandon Sellers for their assistance.
HomeKit
We would like to acknowledge Tian Zhang for their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Keyboard
We would like to acknowledge an anonymous researcher for their
assistance.
Mail
We would like to acknowledge Kenneth Hyndycz for their assistance.
mDNSResponder
We would like to acknowledge Gregor Lang of e.solutions GmbH for
their assistance.
Profiles
We would like to acknowledge Erik Johnson of Vernon Hills High School
and James Seeley (@Code4iOS) of Shriver Job Corps for their
assistance.
SafariViewController
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
WebKit
We would like to acknowledge MinJeong Kim of Information Security
Lab, Chungnam National University, JaeCheol Ryou of the Information
Security Lab, Chungnam National University in South Korea, Yiğit Can
YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an
anonymous researcher, and cc working with Trend Micro's Zero Day
Initiative for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24s3oACgkQBz4uGe3y
0M1GMxAAnwBO9htU2i7+SHsXiEt2xJbjilLMM9V5LObjUWqaHXOxdQuYiPxFy9lR
neTOHwR2z1f3L3UPkGut28i24w7fwHVBdFh7w5p5RXlBf7tcRmFhKBUkYIhQ90Qj
jO6DXiCL9InCBVs2nW9Fr4yYV13kdoES6MfguyldGVpQMkyUcZ3F2XK0RCHNqEgz
h+1dR/uws3Ce+HNbb7wnqe4UzAI5DJUR/vH98+fWTl5P6CCaoZrv53vaxErLRBXi
gn/4rtzw+wDlThlrpkE5MwxmvLMF2ZqjUhOSVzKb3qXK+RFgE9FH8SKEBKkCxAa+
8/vZu+zdbN6KCzO608TXH9rNO2LbtQqTlO/jHGTJ30UEaKo9PyFozGkCE6XkWmFU
xtayVkSL08drJEgm+CB80g//hr2CESF0fMHFe8yQYeN2uL5yQxoavyub8E/nPKn1
v32Z6Z2fpGzP3eCLYbV93cBcdJaeXTdib47vvodyYFfFEja7xrv0AvPAbSSm98DK
VtFw3eNAKRbmIEAeY4b1uhdB+qUiqMEWqh0sd97+chY2Do90/4IG/3caLc0pTpDt
huDUQs/IbSujrdjCWSfz35qU4u9sxPpM8wQR2M7mdfY9qGp+Xgfh/MprSZ4wOuS3
PAAs5Pdr9GfymsB+CDpMEr+DiTOza6SUjIadZ+j2FWaklzg7h1A=
=NYIZ
-----END PGP SIGNATURE-----
| VAR-201912-0530 | CVE-2019-8725 | Safari Vulnerabilities in private browsing history information disclosure |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
The issue was addressed with improved handling of service worker lifetime. This issue is fixed in Safari 13.0.1. Service workers may leak private browsing history. Apple Safari is a web browser of Apple (Apple), the default browser included with Mac OS X and iOS operating systems. Service Workers is one of the plugins for handling network requests and assisting with offline-first development, push notifications, and background syncing. A security vulnerability exists in the Service Workers component of Apple Safari prior to 13.0.1. An attacker could exploit this vulnerability to disclose private browsing records. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-9-26-9 Safari 13.0.1
Safari 13.0.1 addresses the following:
Safari
Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6
Impact: Visiting a malicious website may lead to user interface
spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2019-8725: Michael Thwaite of Connect Media
Additional recognition
Safari
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) of
TurkishKit for their assistance.
Installation note:
Safari 13.0.1 may be obtained from the Mac App Store.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2NGWkACgkQBz4uGe3y
0M1rohAAqaD5bYeP305cUxNucHOv/KOKf6LVk2GK71oLTgIHTGKInLKCD3xZ7Ml/
jOYFbMFDbDyi/lTepa5+yAWcvuB40T7AqstwnG/Ntwzi1LfCRnCHE60lZ/6ACLCC
SB0KRxrhWwgUiZamtSRVeg4ZzDn/5sYwzQgmWx8Oa+/31Ch6TgyvGmljG4vt2Ijx
Vvnvml7IY/glnp53XsmkkvXwr6gOYEA8oFPPaBQnkDQl9voUQhWvZ2HvqZSxJ8NB
Mwj77QOPnNnFNp4Av0CI8tAWZbH6SPpkZZ12OwX2cAyXfa25ptolSOHp51Fs6X+Y
fiOUr1L8ozxTM4vr2MlQYQw6enQ6qyp48hfBWzq6aEpuXJ/BMbfTqnf9rZYdRUpA
Lsxp4CaE6wlrdZXuL2Cj6aiLzvHCiROpGuJrKNBMZqShGjB6q5gTPqWRueeKRH+W
+ywhftihfw+MpiHd56dat+iOFKDfnSmSkRya85sLbN0UNMSJzRb8sdPWBZ2KCwWk
xkyUDaDaVQaEj17FQ18hUrBX38wjpp9yD7nDNcQdr60P0Xm2eCt0lspwiCE3gl1p
DfZiCC1QROE6zIZJktTy9ygZcnBerFY60M7tN0qcf+x6vkfIska+CJChz14qd7+p
ag/jn1JHTThJFRenF1P6W70k8rWsHbv5VuyL9Mih0RX0UVBptes=
=gcEu
-----END PGP SIGNATURE-----
| VAR-201912-0529 | CVE-2019-8724 | Xcode Input validation vulnerability in toolchain |
CVSS V2: 9.3 CVSS V3: 8.8 Severity: HIGH |
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. ld64 is one of the Apple toolchain linkers. There is a security vulnerability in the ld64 component in Apple Xcode versions prior to 11.0. The vulnerability is caused by the program not performing correct input validation.
CVE-2019-8721: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8722: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8723: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8724: Pan ZhenPeng of Qihoo 360 Nirvan Team
otool
Available for: macOS Mojave 10.14.4 and later
Impact: Processing a maliciously crafted file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8738: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team
CVE-2019-8739: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team
Installation note:
Xcode 11.0 may be obtained from:
https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
* Select Xcode in the menu bar
* Select About Xcode
* The version after applying this update will be "11.0".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2NDI4ACgkQBz4uGe3y
0M3yBg//WnHzKci0fwo78s/jomFP1EcSVj8FQ5T3ycwITMK01X5WDyZUHJw4rHJH
l3NaJLFkjXXovzBl0aQzGHoRvOiYoMJeBCaZeix3dafLdA+6whZ8VREie4ncY31y
EI0KoPxBxocLu0WaMUmEatDJsGqQWWFy0Q4LGGmDyOIXnrRqWJrLE7Qmm6IvOr1Q
ViDpLeWzymHaAQiiXnpUR9nDvpCEA5irlbKzvmfA55FLzUYdh1RBJUjrsR+JcUJ0
IewyJD6FpFMzpOImQJ22oBArN++Fag6KjlmTDbmL1O2uCHbl1x71ZhOPBRhgWFkP
X3nXTYFLGM22SWzOjBn8el05AAfOmkuISP9219HEXfbAYZliTQw37L2VlZ86nCn2
A3F258d8m1UAOh7NGvsDN4WUQ/QD4PQ0OUPSzQtztMXHZwoSiF92fw6epCkH10dV
xb28tXuv4eI3aI2ncgf5fClOwsC6/IFeheTfimsL+6ccro2C1IiJvcMnBH7HBZ+9
k4Z414NOKlUsbhTX+8lcLKKzpN/WxppmyN01fIdwO2anu1IRXOI2D3TvRKFI+pkr
u4u/ohjf8lmCgoDPyAa4YDmiYu9I5qMb/CmLwwhdYjX2NeUBSEPb3Ctga6jwP6RH
/3kg2VAgACUG+nR08itzvCMwCzkILfiCSy6D9EkPed5aoPGIrP4=
=9Hep
-----END PGP SIGNATURE-----
| VAR-201912-0528 | CVE-2019-8723 | Xcode Input validation vulnerability in toolchain |
CVSS V2: 9.3 CVSS V3: 8.8 Severity: HIGH |
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. ld64 is one of the Apple toolchain linkers. There is a security vulnerability in the ld64 component in Apple Xcode versions prior to 11.0. The vulnerability is caused by the program not performing correct input validation.
CVE-2019-8721: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8722: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8723: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8724: Pan ZhenPeng of Qihoo 360 Nirvan Team
otool
Available for: macOS Mojave 10.14.4 and later
Impact: Processing a maliciously crafted file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8738: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team
CVE-2019-8739: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team
Installation note:
Xcode 11.0 may be obtained from:
https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
* Select Xcode in the menu bar
* Select About Xcode
* The version after applying this update will be "11.0".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2NDI4ACgkQBz4uGe3y
0M3yBg//WnHzKci0fwo78s/jomFP1EcSVj8FQ5T3ycwITMK01X5WDyZUHJw4rHJH
l3NaJLFkjXXovzBl0aQzGHoRvOiYoMJeBCaZeix3dafLdA+6whZ8VREie4ncY31y
EI0KoPxBxocLu0WaMUmEatDJsGqQWWFy0Q4LGGmDyOIXnrRqWJrLE7Qmm6IvOr1Q
ViDpLeWzymHaAQiiXnpUR9nDvpCEA5irlbKzvmfA55FLzUYdh1RBJUjrsR+JcUJ0
IewyJD6FpFMzpOImQJ22oBArN++Fag6KjlmTDbmL1O2uCHbl1x71ZhOPBRhgWFkP
X3nXTYFLGM22SWzOjBn8el05AAfOmkuISP9219HEXfbAYZliTQw37L2VlZ86nCn2
A3F258d8m1UAOh7NGvsDN4WUQ/QD4PQ0OUPSzQtztMXHZwoSiF92fw6epCkH10dV
xb28tXuv4eI3aI2ncgf5fClOwsC6/IFeheTfimsL+6ccro2C1IiJvcMnBH7HBZ+9
k4Z414NOKlUsbhTX+8lcLKKzpN/WxppmyN01fIdwO2anu1IRXOI2D3TvRKFI+pkr
u4u/ohjf8lmCgoDPyAa4YDmiYu9I5qMb/CmLwwhdYjX2NeUBSEPb3Ctga6jwP6RH
/3kg2VAgACUG+nR08itzvCMwCzkILfiCSy6D9EkPed5aoPGIrP4=
=9Hep
-----END PGP SIGNATURE-----
| VAR-201912-0527 | CVE-2019-8722 | Xcode Input validation vulnerability in toolchain |
CVSS V2: 9.3 CVSS V3: 8.8 Severity: HIGH |
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. ld64 is one of the Apple toolchain linkers. There is a security vulnerability in the ld64 component in Apple Xcode versions prior to 11.0. The vulnerability is caused by the program not performing correct input validation.
CVE-2019-8721: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8722: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8723: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8724: Pan ZhenPeng of Qihoo 360 Nirvan Team
otool
Available for: macOS Mojave 10.14.4 and later
Impact: Processing a maliciously crafted file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8738: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team
CVE-2019-8739: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team
Installation note:
Xcode 11.0 may be obtained from:
https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
* Select Xcode in the menu bar
* Select About Xcode
* The version after applying this update will be "11.0".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2NDI4ACgkQBz4uGe3y
0M3yBg//WnHzKci0fwo78s/jomFP1EcSVj8FQ5T3ycwITMK01X5WDyZUHJw4rHJH
l3NaJLFkjXXovzBl0aQzGHoRvOiYoMJeBCaZeix3dafLdA+6whZ8VREie4ncY31y
EI0KoPxBxocLu0WaMUmEatDJsGqQWWFy0Q4LGGmDyOIXnrRqWJrLE7Qmm6IvOr1Q
ViDpLeWzymHaAQiiXnpUR9nDvpCEA5irlbKzvmfA55FLzUYdh1RBJUjrsR+JcUJ0
IewyJD6FpFMzpOImQJ22oBArN++Fag6KjlmTDbmL1O2uCHbl1x71ZhOPBRhgWFkP
X3nXTYFLGM22SWzOjBn8el05AAfOmkuISP9219HEXfbAYZliTQw37L2VlZ86nCn2
A3F258d8m1UAOh7NGvsDN4WUQ/QD4PQ0OUPSzQtztMXHZwoSiF92fw6epCkH10dV
xb28tXuv4eI3aI2ncgf5fClOwsC6/IFeheTfimsL+6ccro2C1IiJvcMnBH7HBZ+9
k4Z414NOKlUsbhTX+8lcLKKzpN/WxppmyN01fIdwO2anu1IRXOI2D3TvRKFI+pkr
u4u/ohjf8lmCgoDPyAa4YDmiYu9I5qMb/CmLwwhdYjX2NeUBSEPb3Ctga6jwP6RH
/3kg2VAgACUG+nR08itzvCMwCzkILfiCSy6D9EkPed5aoPGIrP4=
=9Hep
-----END PGP SIGNATURE-----
| VAR-201912-0526 | CVE-2019-8721 | Xcode Input validation vulnerability in toolchain |
CVSS V2: 9.3 CVSS V3: 8.8 Severity: HIGH |
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. ld64 is one of the Apple toolchain linkers. There is a security vulnerability in the ld64 component in Apple Xcode versions prior to 11.0. The vulnerability is caused by the program not performing correct input validation.
CVE-2019-8721: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8722: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8723: Pan ZhenPeng of Qihoo 360 Nirvan Team
CVE-2019-8724: Pan ZhenPeng of Qihoo 360 Nirvan Team
otool
Available for: macOS Mojave 10.14.4 and later
Impact: Processing a maliciously crafted file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8738: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team
CVE-2019-8739: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team
Installation note:
Xcode 11.0 may be obtained from:
https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
* Select Xcode in the menu bar
* Select About Xcode
* The version after applying this update will be "11.0".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2NDI4ACgkQBz4uGe3y
0M3yBg//WnHzKci0fwo78s/jomFP1EcSVj8FQ5T3ycwITMK01X5WDyZUHJw4rHJH
l3NaJLFkjXXovzBl0aQzGHoRvOiYoMJeBCaZeix3dafLdA+6whZ8VREie4ncY31y
EI0KoPxBxocLu0WaMUmEatDJsGqQWWFy0Q4LGGmDyOIXnrRqWJrLE7Qmm6IvOr1Q
ViDpLeWzymHaAQiiXnpUR9nDvpCEA5irlbKzvmfA55FLzUYdh1RBJUjrsR+JcUJ0
IewyJD6FpFMzpOImQJ22oBArN++Fag6KjlmTDbmL1O2uCHbl1x71ZhOPBRhgWFkP
X3nXTYFLGM22SWzOjBn8el05AAfOmkuISP9219HEXfbAYZliTQw37L2VlZ86nCn2
A3F258d8m1UAOh7NGvsDN4WUQ/QD4PQ0OUPSzQtztMXHZwoSiF92fw6epCkH10dV
xb28tXuv4eI3aI2ncgf5fClOwsC6/IFeheTfimsL+6ccro2C1IiJvcMnBH7HBZ+9
k4Z414NOKlUsbhTX+8lcLKKzpN/WxppmyN01fIdwO2anu1IRXOI2D3TvRKFI+pkr
u4u/ohjf8lmCgoDPyAa4YDmiYu9I5qMb/CmLwwhdYjX2NeUBSEPb3Ctga6jwP6RH
/3kg2VAgACUG+nR08itzvCMwCzkILfiCSy6D9EkPed5aoPGIrP4=
=9Hep
-----END PGP SIGNATURE-----
| VAR-201912-0531 | CVE-2019-8727 | iOS Logic vulnerability in |
CVSS V2: 4.3 CVSS V3: 4.3 Severity: MEDIUM |
A logic issue was addressed with improved state management. This issue is fixed in iOS 13. Visiting a malicious website may lead to address bar spoofing. iOS Contains a logic vulnerability due to a flaw in state management.malicious Web Browsing the site can disguise the address bar. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Safari is one of the dedicated components of the Safari browser. A security vulnerability exists in Safari components in versions prior to Apple's iOS 13. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-6 Additional information
for APPLE-SA-2019-9-26-3 iOS 13
iOS 13 addresses the following:
Bluetooth
Available for: iPhone 6s and later
Impact: Notification previews may show on Bluetooth accessories even
when previews are disabled
Description: A logic issue existed with the display of notification
previews.
CVE-2019-8711: Arjang of MARK ANTHONY GROUP INC., Cemil Ozkebapci
(@cemilozkebapci) of Garanti BBVA, Oguzhan Meral of Deloitte
Consulting, Ömer Bozdoğan-Ramazan Atıl Anadolu Lisesi
Adana/TÜRKİYE
CFNetwork
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: This issue was addressed with improved checks.
CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland
Entry added October 29, 2019
CoreAudio
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted movie may result in the
disclosure of process memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
CoreCrypto
Available for: iPhone 6s and later
Impact: Processing a large input may lead to a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2019-8741: Nicky Mouha of NIST
Entry added October 29, 2019
CoreMedia
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8825: Found by GWP-ASan in Google Chrome
Entry added October 29, 2019
Face ID
Available for: iPhone 6s and later
Impact: A 3D model constructed to look like the enrolled user may
authenticate via Face ID
Description: This issue was addressed by improving Face ID machine
learning models.
CVE-2019-8760: Wish Wu (吴潍浠 @wish_wu) of Ant-financial
Light-Year Security Lab
Foundation
Available for: iPhone 6s and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project
Zero
CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project
Zero
Entry added October 29, 2019
IOUSBDeviceFamily
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8718: Joshua Hill and Sem Voigtländer
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A local app may be able to read a persistent account
identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8709: derrek (@derrekr6)
[confirmed]derrek (@derrekr6)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8717: Jann Horn of Google Project Zero
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8712: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
Entry added October 29, 2019
Keyboards
Available for: iPhone 6s and later
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved
state management.
CVE-2019-8704: 王 邦 宇 (wAnyBug.Com) of SAINTSEC
libxml2
Available for: iPhone 6s and later
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
Entry added October 29, 2019
Messages
Available for: iPhone 6s and later
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
CVE-2019-8742: videosdebarraquito
Notes
Available for: iPhone 6s and later
Impact: A local user may be able to view a user's locked notes
Description: The contents of locked notes sometimes appeared in
search results.
CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia
Polytechnic Institute and State University
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8715: an anonymous researcher
Entry added October 29, 2019
Quick Look
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted file may disclose user
information
Description: A permissions issue existed in which execute permission
was incorrectly granted.
CVE-2019-8731: Saif Hamed Hamdan Al Hinai of Oman National CERT,
Yiğit Can YILMAZ (@yilmazcanyigit)
Safari
Available for: iPhone 6s and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2019-8727: Divyanshu Shukla (@justm0rph3u5)
UIFoundation
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Maliciously crafted web content may violate iframe sandboxing
policy
Description: This issue was addressed with improved iframe sandbox
enforcement.
CVE-2019-8771: Eliya Stein of Confiant
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8707: an anonymous researcher working with Trend Micro's
Zero Day Initiative, cc working with Trend Micro Zero Day Initiative
CVE-2019-8726: Jihui Lu of Tencent KeenLab
CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of
ABLY Corporation
CVE-2019-8733: Sergei Glazunov of Google Project Zero
CVE-2019-8734: found by OSS-Fuzz
CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: A user may be unable to delete browsing history items
Description: "Clear History and Website Data" did not clear the
history.
CVE-2019-8768: Hugo S. Diaz (coldpointblue)
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8625: Sergei Glazunov of Google Project Zero
CVE-2019-8719: Sergei Glazunov of Google Project Zero
CVE-2019-8764: Sergei Glazunov of Google Project Zero
Entry added October 29, 2019
WebKit Page Loading
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8674: Sergei Glazunov of Google Project Zero
Additional recognition
AppleRTC
We would like to acknowledge Vitaly Cheptsov for their assistance.
Audio
We would like to acknowledge riusksk of VulWar Corp working with
Trend Micro's Zero Day Initiative for their assistance.
Bluetooth
We would like to acknowledge Jan Ruge of TU Darmstadt, Secure Mobile
Networking Lab, Jiska Classen of TU Darmstadt, Secure Mobile
Networking Lab, Francesco Gringoli of University of Brescia, Dennis
Heinze of TU Darmstadt, Secure Mobile Networking Lab for their
assistance.
boringssl
We would like to acknowledge Thijs Alkemade (@xnyhps) of Computest
for their assistance.
Control Center
We would like to acknowledge Brandon Sellers for their assistance.
HomeKit
We would like to acknowledge Tian Zhang for their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Keyboard
We would like to acknowledge an anonymous researcher for their
assistance.
Mail
We would like to acknowledge Kenneth Hyndycz for their assistance.
mDNSResponder
We would like to acknowledge Gregor Lang of e.solutions GmbH for
their assistance.
Profiles
We would like to acknowledge Erik Johnson of Vernon Hills High School
and James Seeley (@Code4iOS) of Shriver Job Corps for their
assistance.
SafariViewController
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
WebKit
We would like to acknowledge MinJeong Kim of Information Security
Lab, Chungnam National University, JaeCheol Ryou of the Information
Security Lab, Chungnam National University in South Korea, Yiğit Can
YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an
anonymous researcher, and cc working with Trend Micro's Zero Day
Initiative for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24s3oACgkQBz4uGe3y
0M1GMxAAnwBO9htU2i7+SHsXiEt2xJbjilLMM9V5LObjUWqaHXOxdQuYiPxFy9lR
neTOHwR2z1f3L3UPkGut28i24w7fwHVBdFh7w5p5RXlBf7tcRmFhKBUkYIhQ90Qj
jO6DXiCL9InCBVs2nW9Fr4yYV13kdoES6MfguyldGVpQMkyUcZ3F2XK0RCHNqEgz
h+1dR/uws3Ce+HNbb7wnqe4UzAI5DJUR/vH98+fWTl5P6CCaoZrv53vaxErLRBXi
gn/4rtzw+wDlThlrpkE5MwxmvLMF2ZqjUhOSVzKb3qXK+RFgE9FH8SKEBKkCxAa+
8/vZu+zdbN6KCzO608TXH9rNO2LbtQqTlO/jHGTJ30UEaKo9PyFozGkCE6XkWmFU
xtayVkSL08drJEgm+CB80g//hr2CESF0fMHFe8yQYeN2uL5yQxoavyub8E/nPKn1
v32Z6Z2fpGzP3eCLYbV93cBcdJaeXTdib47vvodyYFfFEja7xrv0AvPAbSSm98DK
VtFw3eNAKRbmIEAeY4b1uhdB+qUiqMEWqh0sd97+chY2Do90/4IG/3caLc0pTpDt
huDUQs/IbSujrdjCWSfz35qU4u9sxPpM8wQR2M7mdfY9qGp+Xgfh/MprSZ4wOuS3
PAAs5Pdr9GfymsB+CDpMEr+DiTOza6SUjIadZ+j2FWaklzg7h1A=
=NYIZ
-----END PGP SIGNATURE-----
| VAR-201912-0523 | CVE-2019-8711 | iOS Vulnerable to information disclosure |
CVSS V2: 5.0 CVSS V3: 5.3 Severity: MEDIUM |
A logic issue existed with the display of notification previews. This issue was addressed with improved validation. This issue is fixed in iOS 13. Notification previews may show on Bluetooth accessories even when previews are disabled. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Bluetooth is one of the Bluetooth components. A security vulnerability exists in the Bluetooth component in versions prior to Apple iOS 13. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements.
CVE-2019-8711: Arjang of MARK ANTHONY GROUP INC., Cemil Ozkebapci
(@cemilozkebapci) of Garanti BBVA, Oguzhan Meral of Deloitte
Consulting, Ömer Bozdoğan-Ramazan Atıl Anadolu Lisesi
Adana/TÜRKİYE
CFNetwork
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: This issue was addressed with improved checks.
CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland
Entry added October 29, 2019
CoreAudio
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted movie may result in the
disclosure of process memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
CoreCrypto
Available for: iPhone 6s and later
Impact: Processing a large input may lead to a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2019-8741: Nicky Mouha of NIST
Entry added October 29, 2019
CoreMedia
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8825: Found by GWP-ASan in Google Chrome
Entry added October 29, 2019
Face ID
Available for: iPhone 6s and later
Impact: A 3D model constructed to look like the enrolled user may
authenticate via Face ID
Description: This issue was addressed by improving Face ID machine
learning models.
CVE-2019-8760: Wish Wu (吴潍浠 @wish_wu) of Ant-financial
Light-Year Security Lab
Foundation
Available for: iPhone 6s and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project
Zero
CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project
Zero
Entry added October 29, 2019
IOUSBDeviceFamily
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8718: Joshua Hill and Sem Voigtländer
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A local app may be able to read a persistent account
identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8709: derrek (@derrekr6)
[confirmed]derrek (@derrekr6)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8717: Jann Horn of Google Project Zero
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8712: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
Entry added October 29, 2019
Keyboards
Available for: iPhone 6s and later
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved
state management.
CVE-2019-8704: 王 邦 宇 (wAnyBug.Com) of SAINTSEC
libxml2
Available for: iPhone 6s and later
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
Entry added October 29, 2019
Messages
Available for: iPhone 6s and later
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
CVE-2019-8742: videosdebarraquito
Notes
Available for: iPhone 6s and later
Impact: A local user may be able to view a user's locked notes
Description: The contents of locked notes sometimes appeared in
search results.
CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia
Polytechnic Institute and State University
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8715: an anonymous researcher
Entry added October 29, 2019
Quick Look
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted file may disclose user
information
Description: A permissions issue existed in which execute permission
was incorrectly granted.
CVE-2019-8731: Saif Hamed Hamdan Al Hinai of Oman National CERT,
Yiğit Can YILMAZ (@yilmazcanyigit)
Safari
Available for: iPhone 6s and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2019-8727: Divyanshu Shukla (@justm0rph3u5)
UIFoundation
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Maliciously crafted web content may violate iframe sandboxing
policy
Description: This issue was addressed with improved iframe sandbox
enforcement.
CVE-2019-8771: Eliya Stein of Confiant
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8707: an anonymous researcher working with Trend Micro's
Zero Day Initiative, cc working with Trend Micro Zero Day Initiative
CVE-2019-8726: Jihui Lu of Tencent KeenLab
CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of
ABLY Corporation
CVE-2019-8733: Sergei Glazunov of Google Project Zero
CVE-2019-8734: found by OSS-Fuzz
CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: A user may be unable to delete browsing history items
Description: "Clear History and Website Data" did not clear the
history.
CVE-2019-8768: Hugo S. Diaz (coldpointblue)
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8625: Sergei Glazunov of Google Project Zero
CVE-2019-8719: Sergei Glazunov of Google Project Zero
CVE-2019-8764: Sergei Glazunov of Google Project Zero
Entry added October 29, 2019
WebKit Page Loading
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8674: Sergei Glazunov of Google Project Zero
Additional recognition
AppleRTC
We would like to acknowledge Vitaly Cheptsov for their assistance.
Audio
We would like to acknowledge riusksk of VulWar Corp working with
Trend Micro's Zero Day Initiative for their assistance.
Bluetooth
We would like to acknowledge Jan Ruge of TU Darmstadt, Secure Mobile
Networking Lab, Jiska Classen of TU Darmstadt, Secure Mobile
Networking Lab, Francesco Gringoli of University of Brescia, Dennis
Heinze of TU Darmstadt, Secure Mobile Networking Lab for their
assistance.
boringssl
We would like to acknowledge Thijs Alkemade (@xnyhps) of Computest
for their assistance.
Control Center
We would like to acknowledge Brandon Sellers for their assistance.
HomeKit
We would like to acknowledge Tian Zhang for their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Keyboard
We would like to acknowledge an anonymous researcher for their
assistance.
Mail
We would like to acknowledge Kenneth Hyndycz for their assistance.
mDNSResponder
We would like to acknowledge Gregor Lang of e.solutions GmbH for
their assistance.
Profiles
We would like to acknowledge Erik Johnson of Vernon Hills High School
and James Seeley (@Code4iOS) of Shriver Job Corps for their
assistance.
SafariViewController
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
WebKit
We would like to acknowledge MinJeong Kim of Information Security
Lab, Chungnam National University, JaeCheol Ryou of the Information
Security Lab, Chungnam National University in South Korea, Yiğit Can
YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an
anonymous researcher, and cc working with Trend Micro's Zero Day
Initiative for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24s3oACgkQBz4uGe3y
0M1GMxAAnwBO9htU2i7+SHsXiEt2xJbjilLMM9V5LObjUWqaHXOxdQuYiPxFy9lR
neTOHwR2z1f3L3UPkGut28i24w7fwHVBdFh7w5p5RXlBf7tcRmFhKBUkYIhQ90Qj
jO6DXiCL9InCBVs2nW9Fr4yYV13kdoES6MfguyldGVpQMkyUcZ3F2XK0RCHNqEgz
h+1dR/uws3Ce+HNbb7wnqe4UzAI5DJUR/vH98+fWTl5P6CCaoZrv53vaxErLRBXi
gn/4rtzw+wDlThlrpkE5MwxmvLMF2ZqjUhOSVzKb3qXK+RFgE9FH8SKEBKkCxAa+
8/vZu+zdbN6KCzO608TXH9rNO2LbtQqTlO/jHGTJ30UEaKo9PyFozGkCE6XkWmFU
xtayVkSL08drJEgm+CB80g//hr2CESF0fMHFe8yQYeN2uL5yQxoavyub8E/nPKn1
v32Z6Z2fpGzP3eCLYbV93cBcdJaeXTdib47vvodyYFfFEja7xrv0AvPAbSSm98DK
VtFw3eNAKRbmIEAeY4b1uhdB+qUiqMEWqh0sd97+chY2Do90/4IG/3caLc0pTpDt
huDUQs/IbSujrdjCWSfz35qU4u9sxPpM8wQR2M7mdfY9qGp+Xgfh/MprSZ4wOuS3
PAAs5Pdr9GfymsB+CDpMEr+DiTOza6SUjIadZ+j2FWaklzg7h1A=
=NYIZ
-----END PGP SIGNATURE-----
| VAR-201912-0521 | CVE-2019-8704 | tvOS Authentication vulnerability |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
An authentication issue was addressed with improved state management. This issue is fixed in tvOS 13. A local user may be able to leak sensitive user information. A security vulnerability exists in the Keyboards component of Apple iOS versions prior to 13 and tvOS versions prior to 13.
Entry added October 29, 2019
boringssl
We would like to acknowledge Nimrod Aviram of Tel Aviv University,
Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr
University Bochum and Thijs Alkemade (@xnyhps) of Computest for their
assistance. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-6 Additional information
for APPLE-SA-2019-9-26-3 iOS 13
iOS 13 addresses the following:
Bluetooth
Available for: iPhone 6s and later
Impact: Notification previews may show on Bluetooth accessories even
when previews are disabled
Description: A logic issue existed with the display of notification
previews.
CVE-2019-8711: Arjang of MARK ANTHONY GROUP INC., Cemil Ozkebapci
(@cemilozkebapci) of Garanti BBVA, Oguzhan Meral of Deloitte
Consulting, Ömer Bozdoğan-Ramazan Atıl Anadolu Lisesi
Adana/TÜRKİYE
CFNetwork
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: This issue was addressed with improved checks.
CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland
Entry added October 29, 2019
CoreAudio
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted movie may result in the
disclosure of process memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
CoreCrypto
Available for: iPhone 6s and later
Impact: Processing a large input may lead to a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2019-8741: Nicky Mouha of NIST
Entry added October 29, 2019
CoreMedia
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8825: Found by GWP-ASan in Google Chrome
Entry added October 29, 2019
Face ID
Available for: iPhone 6s and later
Impact: A 3D model constructed to look like the enrolled user may
authenticate via Face ID
Description: This issue was addressed by improving Face ID machine
learning models.
CVE-2019-8760: Wish Wu (吴潍浠 @wish_wu) of Ant-financial
Light-Year Security Lab
Foundation
Available for: iPhone 6s and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project
Zero
CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project
Zero
Entry added October 29, 2019
IOUSBDeviceFamily
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8718: Joshua Hill and Sem Voigtländer
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A local app may be able to read a persistent account
identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8709: derrek (@derrekr6)
[confirmed]derrek (@derrekr6)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8717: Jann Horn of Google Project Zero
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8712: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
Entry added October 29, 2019
Keyboards
Available for: iPhone 6s and later
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved
state management.
CVE-2019-8704: 王 邦 宇 (wAnyBug.Com) of SAINTSEC
libxml2
Available for: iPhone 6s and later
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
Entry added October 29, 2019
Messages
Available for: iPhone 6s and later
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
CVE-2019-8742: videosdebarraquito
Notes
Available for: iPhone 6s and later
Impact: A local user may be able to view a user's locked notes
Description: The contents of locked notes sometimes appeared in
search results.
CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia
Polytechnic Institute and State University
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8715: an anonymous researcher
Entry added October 29, 2019
Quick Look
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted file may disclose user
information
Description: A permissions issue existed in which execute permission
was incorrectly granted.
CVE-2019-8731: Saif Hamed Hamdan Al Hinai of Oman National CERT,
Yiğit Can YILMAZ (@yilmazcanyigit)
Safari
Available for: iPhone 6s and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2019-8727: Divyanshu Shukla (@justm0rph3u5)
UIFoundation
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Maliciously crafted web content may violate iframe sandboxing
policy
Description: This issue was addressed with improved iframe sandbox
enforcement.
CVE-2019-8771: Eliya Stein of Confiant
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8707: an anonymous researcher working with Trend Micro's
Zero Day Initiative, cc working with Trend Micro Zero Day Initiative
CVE-2019-8726: Jihui Lu of Tencent KeenLab
CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of
ABLY Corporation
CVE-2019-8733: Sergei Glazunov of Google Project Zero
CVE-2019-8734: found by OSS-Fuzz
CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: A user may be unable to delete browsing history items
Description: "Clear History and Website Data" did not clear the
history.
CVE-2019-8768: Hugo S. Diaz (coldpointblue)
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8625: Sergei Glazunov of Google Project Zero
CVE-2019-8719: Sergei Glazunov of Google Project Zero
CVE-2019-8764: Sergei Glazunov of Google Project Zero
Entry added October 29, 2019
WebKit Page Loading
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8674: Sergei Glazunov of Google Project Zero
Additional recognition
AppleRTC
We would like to acknowledge Vitaly Cheptsov for their assistance.
Audio
We would like to acknowledge riusksk of VulWar Corp working with
Trend Micro's Zero Day Initiative for their assistance.
Bluetooth
We would like to acknowledge Jan Ruge of TU Darmstadt, Secure Mobile
Networking Lab, Jiska Classen of TU Darmstadt, Secure Mobile
Networking Lab, Francesco Gringoli of University of Brescia, Dennis
Heinze of TU Darmstadt, Secure Mobile Networking Lab for their
assistance.
boringssl
We would like to acknowledge Thijs Alkemade (@xnyhps) of Computest
for their assistance.
Control Center
We would like to acknowledge Brandon Sellers for their assistance.
HomeKit
We would like to acknowledge Tian Zhang for their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Keyboard
We would like to acknowledge an anonymous researcher for their
assistance.
Mail
We would like to acknowledge Kenneth Hyndycz for their assistance.
mDNSResponder
We would like to acknowledge Gregor Lang of e.solutions GmbH for
their assistance.
Profiles
We would like to acknowledge Erik Johnson of Vernon Hills High School
and James Seeley (@Code4iOS) of Shriver Job Corps for their
assistance.
SafariViewController
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
WebKit
We would like to acknowledge MinJeong Kim of Information Security
Lab, Chungnam National University, JaeCheol Ryou of the Information
Security Lab, Chungnam National University in South Korea, Yiğit Can
YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an
anonymous researcher, and cc working with Trend Micro's Zero Day
Initiative for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24s3oACgkQBz4uGe3y
0M1GMxAAnwBO9htU2i7+SHsXiEt2xJbjilLMM9V5LObjUWqaHXOxdQuYiPxFy9lR
neTOHwR2z1f3L3UPkGut28i24w7fwHVBdFh7w5p5RXlBf7tcRmFhKBUkYIhQ90Qj
jO6DXiCL9InCBVs2nW9Fr4yYV13kdoES6MfguyldGVpQMkyUcZ3F2XK0RCHNqEgz
h+1dR/uws3Ce+HNbb7wnqe4UzAI5DJUR/vH98+fWTl5P6CCaoZrv53vaxErLRBXi
gn/4rtzw+wDlThlrpkE5MwxmvLMF2ZqjUhOSVzKb3qXK+RFgE9FH8SKEBKkCxAa+
8/vZu+zdbN6KCzO608TXH9rNO2LbtQqTlO/jHGTJ30UEaKo9PyFozGkCE6XkWmFU
xtayVkSL08drJEgm+CB80g//hr2CESF0fMHFe8yQYeN2uL5yQxoavyub8E/nPKn1
v32Z6Z2fpGzP3eCLYbV93cBcdJaeXTdib47vvodyYFfFEja7xrv0AvPAbSSm98DK
VtFw3eNAKRbmIEAeY4b1uhdB+qUiqMEWqh0sd97+chY2Do90/4IG/3caLc0pTpDt
huDUQs/IbSujrdjCWSfz35qU4u9sxPpM8wQR2M7mdfY9qGp+Xgfh/MprSZ4wOuS3
PAAs5Pdr9GfymsB+CDpMEr+DiTOza6SUjIadZ+j2FWaklzg7h1A=
=NYIZ
-----END PGP SIGNATURE-----
| VAR-201912-0522 | CVE-2019-8705 | plural Apple Updates to product vulnerabilities |
CVSS V2: 4.3 CVSS V3: 5.5 Severity: MEDIUM |
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15, tvOS 13. Processing a maliciously crafted movie may result in the disclosure of process memory. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * information leak * Falsification of information * Arbitrary code execution * Service operation interruption (DoS) * Privilege escalation * Authentication bypass. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. CoreAudio is one of the core audio components. A security vulnerability exists in the CoreAudio component of Apple iOS versions prior to 13, Apple watchOS versions prior to 6, and versions prior to tvOS 13. An attacker can exploit this vulnerability to leak process memory.
CVE-2019-8748: Lilang Wu and Moony Li of TrendMicro Mobile Security
Research Team
apache_mod_php
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Multiple issues in PHP
Description: Multiple issues were addressed by updating to PHP
version 7.3.8.
CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab
Entry added October 29, 2019
Books
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Parsing a maliciously crafted iBooks file may lead to a
persistent denial-of-service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2019-8825: Found by GWP-ASan in Google Chrome
Entry added October 29, 2019
Crash Reporter
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: The "Share Mac Analytics" setting may not be disabled when a
user deselects the switch to share analytics
Description: A race condition existed when reading and writing user
preferences.
CVE-2019-8757: William Cerniuk of Core Development, LLC
CUPS
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An input validation issue was addressed with improved
input validation.
CVE-2019-8767: Stephen Zeisberg
Entry added October 29, 2019
CUPS
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2019-8758: Lilang Wu and Moony Li of Trend Micro
IOGraphics
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: A malicious application may be able to determine kernel
memory layout
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8750: found by OSS-Fuzz
Entry added October 29, 2019
mDNSResponder
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An attacker in physical proximity may be able to passively
observe device names in AWDL communications
Description: This issue was resolved by replacing device names with a
random identifier.
CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia
Polytechnic Institute and State University
PDFKit
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: An attacker may be able to exfiltrate the contents of an
encrypted PDF
Description: An issue existed in the handling of links in encrypted
PDFs.
CVE-2019-8701: Simon Huang(@HuangShaomang), Rong Fan(@fanrong1992)
and pjf of IceSword Lab of Qihoo 360
UIFoundation
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Parsing a maliciously crafted text file may lead to
disclosure of user information
Description: This issue was addressed with improved checks. Diaz (coldpointblue)
WebKit
Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012
and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and
later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro
(Late 2013 and later)
Impact: Visiting a maliciously crafted website may reveal browsing
history
Description: An issue existed in the drawing of web page elements.
boringssl
We would like to acknowledge Nimrod Aviram of Tel Aviv University,
Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr
University Bochum and Thijs Alkemade (@xnyhps) of Computest for their
assistance.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-6 Additional information
for APPLE-SA-2019-9-26-3 iOS 13
iOS 13 addresses the following:
Bluetooth
Available for: iPhone 6s and later
Impact: Notification previews may show on Bluetooth accessories even
when previews are disabled
Description: A logic issue existed with the display of notification
previews.
CVE-2019-8711: Arjang of MARK ANTHONY GROUP INC., Cemil Ozkebapci
(@cemilozkebapci) of Garanti BBVA, Oguzhan Meral of Deloitte
Consulting, Ömer Bozdoğan-Ramazan Atıl Anadolu Lisesi
Adana/TÜRKİYE
CFNetwork
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: This issue was addressed with improved checks.
CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
CoreCrypto
Available for: iPhone 6s and later
Impact: Processing a large input may lead to a denial of service
Description: A denial of service issue was addressed with improved
input validation.
CVE-2019-8741: Nicky Mouha of NIST
Entry added October 29, 2019
CoreMedia
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8825: Found by GWP-ASan in Google Chrome
Entry added October 29, 2019
Face ID
Available for: iPhone 6s and later
Impact: A 3D model constructed to look like the enrolled user may
authenticate via Face ID
Description: This issue was addressed by improving Face ID machine
learning models.
CVE-2019-8760: Wish Wu (吴潍浠 @wish_wu) of Ant-financial
Light-Year Security Lab
Foundation
Available for: iPhone 6s and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project
Zero
CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project
Zero
Entry added October 29, 2019
IOUSBDeviceFamily
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8718: Joshua Hill and Sem Voigtländer
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A local app may be able to read a persistent account
identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8709: derrek (@derrekr6)
[confirmed]derrek (@derrekr6)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8717: Jann Horn of Google Project Zero
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8712: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later
Impact: A malicious application may be able to determine kernel
memory layout
Description: A memory corruption issue existed in the handling of
IPv6 packets.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
Entry added October 29, 2019
Keyboards
Available for: iPhone 6s and later
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved
state management.
CVE-2019-8704: 王 邦 宇 (wAnyBug.Com) of SAINTSEC
libxml2
Available for: iPhone 6s and later
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
Entry added October 29, 2019
Messages
Available for: iPhone 6s and later
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
CVE-2019-8742: videosdebarraquito
Notes
Available for: iPhone 6s and later
Impact: A local user may be able to view a user's locked notes
Description: The contents of locked notes sometimes appeared in
search results.
CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia
Polytechnic Institute and State University
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: A local user may be able to check for the existence of
arbitrary files
Description: A logic issue was addressed with improved restrictions.
CVE-2019-8708: an anonymous researcher
Entry added October 29, 2019
PluginKit
Available for: iPhone 6s and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8715: an anonymous researcher
Entry added October 29, 2019
Quick Look
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted file may disclose user
information
Description: A permissions issue existed in which execute permission
was incorrectly granted.
CVE-2019-8731: Saif Hamed Hamdan Al Hinai of Oman National CERT,
Yiğit Can YILMAZ (@yilmazcanyigit)
Safari
Available for: iPhone 6s and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2019-8727: Divyanshu Shukla (@justm0rph3u5)
UIFoundation
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero
Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Maliciously crafted web content may violate iframe sandboxing
policy
Description: This issue was addressed with improved iframe sandbox
enforcement.
CVE-2019-8771: Eliya Stein of Confiant
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8707: an anonymous researcher working with Trend Micro's
Zero Day Initiative, cc working with Trend Micro Zero Day Initiative
CVE-2019-8726: Jihui Lu of Tencent KeenLab
CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of
ABLY Corporation
CVE-2019-8733: Sergei Glazunov of Google Project Zero
CVE-2019-8734: found by OSS-Fuzz
CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: A user may be unable to delete browsing history items
Description: "Clear History and Website Data" did not clear the
history.
CVE-2019-8768: Hugo S. Diaz (coldpointblue)
Entry added October 29, 2019
WebKit
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8625: Sergei Glazunov of Google Project Zero
CVE-2019-8719: Sergei Glazunov of Google Project Zero
CVE-2019-8764: Sergei Glazunov of Google Project Zero
Entry added October 29, 2019
WebKit Page Loading
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8674: Sergei Glazunov of Google Project Zero
Additional recognition
AppleRTC
We would like to acknowledge Vitaly Cheptsov for their assistance.
Audio
We would like to acknowledge riusksk of VulWar Corp working with
Trend Micro's Zero Day Initiative for their assistance.
Bluetooth
We would like to acknowledge Jan Ruge of TU Darmstadt, Secure Mobile
Networking Lab, Jiska Classen of TU Darmstadt, Secure Mobile
Networking Lab, Francesco Gringoli of University of Brescia, Dennis
Heinze of TU Darmstadt, Secure Mobile Networking Lab for their
assistance.
boringssl
We would like to acknowledge Thijs Alkemade (@xnyhps) of Computest
for their assistance.
Control Center
We would like to acknowledge Brandon Sellers for their assistance.
HomeKit
We would like to acknowledge Tian Zhang for their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.
Keyboard
We would like to acknowledge an anonymous researcher for their
assistance.
Mail
We would like to acknowledge Kenneth Hyndycz for their assistance.
mDNSResponder
We would like to acknowledge Gregor Lang of e.solutions GmbH for
their assistance.
Profiles
We would like to acknowledge Erik Johnson of Vernon Hills High School
and James Seeley (@Code4iOS) of Shriver Job Corps for their
assistance.
SafariViewController
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
VPN
We would like to acknowledge Royce Gawron of Second Son Consulting,
Inc. for their assistance.
WebKit
We would like to acknowledge MinJeong Kim of Information Security
Lab, Chungnam National University, JaeCheol Ryou of the Information
Security Lab, Chungnam National University in South Korea, Yiğit Can
YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an
anonymous researcher, and cc working with Trend Micro's Zero Day
Initiative for their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24s3oACgkQBz4uGe3y
0M1GMxAAnwBO9htU2i7+SHsXiEt2xJbjilLMM9V5LObjUWqaHXOxdQuYiPxFy9lR
neTOHwR2z1f3L3UPkGut28i24w7fwHVBdFh7w5p5RXlBf7tcRmFhKBUkYIhQ90Qj
jO6DXiCL9InCBVs2nW9Fr4yYV13kdoES6MfguyldGVpQMkyUcZ3F2XK0RCHNqEgz
h+1dR/uws3Ce+HNbb7wnqe4UzAI5DJUR/vH98+fWTl5P6CCaoZrv53vaxErLRBXi
gn/4rtzw+wDlThlrpkE5MwxmvLMF2ZqjUhOSVzKb3qXK+RFgE9FH8SKEBKkCxAa+
8/vZu+zdbN6KCzO608TXH9rNO2LbtQqTlO/jHGTJ30UEaKo9PyFozGkCE6XkWmFU
xtayVkSL08drJEgm+CB80g//hr2CESF0fMHFe8yQYeN2uL5yQxoavyub8E/nPKn1
v32Z6Z2fpGzP3eCLYbV93cBcdJaeXTdib47vvodyYFfFEja7xrv0AvPAbSSm98DK
VtFw3eNAKRbmIEAeY4b1uhdB+qUiqMEWqh0sd97+chY2Do90/4IG/3caLc0pTpDt
huDUQs/IbSujrdjCWSfz35qU4u9sxPpM8wQR2M7mdfY9qGp+Xgfh/MprSZ4wOuS3
PAAs5Pdr9GfymsB+CDpMEr+DiTOza6SUjIadZ+j2FWaklzg7h1A=
=NYIZ
-----END PGP SIGNATURE-----
| VAR-201912-0131 | CVE-2019-8775 | plural Apple Updates to product vulnerabilities |
CVSS V2: 2.1 CVSS V3: 2.4 Severity: LOW |
The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13.1 and iPadOS 13.1. A person with physical access to an iOS device may be able to access contacts from the lock screen. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * * information leak * * User impersonation * * Arbitrary code execution * * UI Spoofing * * Insufficient access restrictions * * Service operation interruption (DoS) * * Privilege escalation * * Memory corruption * * Authentication bypass.
CVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at
Technische Universität Darmstadt
App Store
Available for: Apple Watch Series 1 and later
Impact: A local attacker may be able to login to the account of a
previously logged in user without valid credentials.
CVE-2019-8798: ABC Research s.r.o.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-10-29-11 Additional information
for APPLE-SA-2019-9-26-8 iOS 13.1 and iPadOS 13.1
iOS 13.1 and iPadOS 13.1 address the following:
AppleFirmwareUpdateKext
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption vulnerability was addressed with
improved locking.
CVE-2019-8747: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Audio
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab
Entry added October 29, 2019
Books
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Parsing a maliciously crafted iBooks file may lead to a
persistent denial-of-service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2019-8774: Gertjan Franken imec-DistriNet of KU Leuven
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption vulnerability was addressed with
improved locking.
CVE-2019-8740: Mohamed Ghannam (@_simo36)
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A local app may be able to read a persistent account
identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Entry added October 29, 2019
Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A malicious application may be able to determine kernel
memory layout
Description: The issue was addressed with improved permissions logic.
CVE-2019-8780: Siguza
libxslt
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Multiple issues in libxslt
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2019-8750: found by OSS-Fuzz
Entry added October 29, 2019
mDNSResponder
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: An attacker in physical proximity may be able to passively
observe device names in AWDL communications
Description: This issue was resolved by replacing device names with a
random identifier.
CVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile
Networking Lab at Technische Universität Darmstadt
Entry added October 29, 2019
VoiceOver
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
CVE-2019-8775: videosdebarraquito
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Visiting a maliciously crafted website may reveal browsing
history
Description: An issue existed in the drawing of web page elements.
CVE-2019-8769: Piérre Reimertz (@reimertz)
WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch 7th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8710: found by OSS-Fuzz
CVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin
Group
CVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech
CVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech
CVE-2019-8763: Sergei Glazunov of Google Project Zero
CVE-2019-8765: Samuel Groß of Google Project Zero
CVE-2019-8766: found by OSS-Fuzz
CVE-2019-8773: found by OSS-Fuzz
Additional recognition
boringssl
We would like to acknowledge Nimrod Aviram of Tel Aviv University,
Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr
University Bochum for their assistance.
Entry added October 29, 2019
Find My iPhone
We would like to acknowledge an anonymous researcher for their
assistance.
Identity Service
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
Notes
We would like to acknowledge an anonymous researcher for their
assistance.
Share Sheet
We would like to acknowledge Milan Stute of Secure Mobile Networking
Lab at Technische Universität Darmstadt for their assistance.
Status Bar
We would like to acknowledge Isaiah Kahler, Mohammed Adham, and an
anonymous researcher for their assistance.
Telephony
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13.1 and iPadOS 13.1".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24p5UpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQBz4uGe3y0M3wrA/9
G4tF+kYWc/7JI3gglC1/OqfJv+G+N5GnI6foGtyu9S8cSRx+bZFHTp4yYC6zmKow
hCE9LZrWczuMvBlN134uMY9bj/12TaIbrbjeM3nink1FrnuXNOdfA4X4dEdkssRH
DbAqbnjMlSgfH0Px+07utmrytRh4/EtQt+LNQqLUlsMzCgoPDRLlxNC0PhBdEjhr
KXidFZ7g5v/RxIAuXFsjpUOfxUJxgMkTSIvxQu7mlGKEasKZOkXDmzVVogE0Zt3k
Zsn3uSCL+r/qUVE8/LQMMOf192+0DB/0CHay/oyf9JteuAquMFZhvbqapDOpiFGh
33JN3gj/SA1N+7bJhoG+jx73IfQrHF5tBRwKb3saE/IKvM4WlKStRB1x3mmTlkxC
mObxaGFmFjZNKgC+CXm0fQ0343jvTsw88RKM6XOlisybxEVLFHeBxrrFNIOU+C+w
llItCsmC4iSe8s80Rwu52sLGpHRLtBBCB02sZqRCe4/znYpEA3vcWp8DtafSz4sc
cEEYhJlyWOMKRpiszCpfw0AvbIX/QfudT+Vd414eQOdGzBPaM5TAMyudX+zfD27R
hUYSPC3/ZqgxHkYk48SbCT74XpVZcgLVL4Rxxg4N6xW+zHtE8Cyl69cIAkSWP/rY
4fUMIYDjQlPNYof0CFuQRA4IrEQGtN3vDlxycfUWMts=
=q3r7
-----END PGP SIGNATURE-----
| VAR-201912-0127 | CVE-2019-8760 | iOS Vulnerabilities related to cryptographic strength |
CVSS V2: 4.6 CVSS V3: 6.8 Severity: MEDIUM |
This issue was addressed by improving Face ID machine learning models. This issue is fixed in iOS 13. A 3D model constructed to look like the enrolled user may authenticate via Face ID. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Face ID is one of the facial recognition components. There is a security vulnerability in the Face ID component of Apple iOS versions prior to 13. Attackers can use 3D models to exploit this vulnerability for authentication. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-9-26-3 iOS 13
iOS 13 addresses the following:
Bluetooth
Available for: iPhone 6s and later
Impact: Notification previews may show on Bluetooth accessories even
when previews are disabled
Description: A logic issue existed with the display of notification
previews. This issue was addressed with improved validation.
CVE-2019-8711: Arjang of MARK ANTHONY GROUP INC., Cemil Ozkebapci
(@cemilozkebapci) of Garanti BBVA, Oguzhan Meral of Deloitte
Consulting, Ömer Bozdoğan-Ramazan Atıl Anadolu Lisesi Adana/TÜRKİYE
CoreAudio
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted movie may result in the
disclosure of process memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-8760: Wish Wu (吴潍浠 @wish_wu) of Ant-financial Light-Year
Security Lab
Foundation
Available for: iPhone 6s and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project
Zero
Keyboards
Available for: iPhone 6s and later
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved
state management.
CVE-2019-8704: 王 邦 宇 (wAnyBug.Com) of SAINTSEC
Messages
Available for: iPhone 6s and later
Impact: A person with physical access to an iOS device may be able to
access contacts from the lock screen
Description: The issue was addressed by restricting options offered
on a locked device.
CVE-2019-8742: videosdebarraquito
Quick Look
Available for: iPhone 6s and later
Impact: Processing a maliciously crafted file may disclose user
information
Description: A permissions issue existed in which execute permission
was incorrectly granted. This issue was addressed with improved
permission validation.
CVE-2019-8731: Saif Hamed Hamdan Al Hinai of Oman National CERT,
Yiğit Can YILMAZ (@yilmazcanyigit)
Safari
Available for: iPhone 6s and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2019-8727: Divyanshu Shukla (@justm0rph3u5) of Quotient
Technology
WebKit Page Loading
Available for: iPhone 6s and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8674
Additional recognition
Bluetooth
We would like to acknowledge Jan Ruge of TU Darmstadt, Secure Mobile
Networking Lab, Jiska Classen of TU Darmstadt, Secure Mobile
Networking Lab, Francesco Gringoli of University of Brescia, Dennis
Heinze of TU Darmstadt, Secure Mobile Networking Lab for their
assistance.
Control Center
We would like to acknowledge Brandon Sellers for their assistance.
Keyboard
We would like to acknowledge an anonymous researcher for their
assistance.
Mail
We would like to acknowledge Kenneth Hyndycz for their assistance.
Profiles
We would like to acknowledge James Seeley (@Code4iOS) of Shriver Job
Corps for their assistance.
SafariViewController
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for
their assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 13".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2NGXUACgkQBz4uGe3y
0M0IaxAAsylDd2Oc5zuJXYgbN/WXihPF0k8Swhxypi65S1NbMLMrvL64NDPEpp2W
BQ10PBqcPR4KDEnxTBn4AbcMPJE+U9LDcclv8+L2mopbjhQKBOKbCnWuxTfN2wk7
XfuSci+dFA4mQ3GPX6s+2+vqT59O001QeOQqvSDxBFsjlQTW1Vq96YHHb0KC4tDO
r3nZZWboCPpVNkyXdFwKd6m+eqqMJaMNTj5el/5AZ3H7ynSe7sKI/gvZWgZSj/Nj
hnbHIEAVCBwBzLY+3MQ8qNKi3M/gDbTYkuEj0+yUZ45gfj/ZgOyznggkn1yXA/Qw
7Uo1W1u75M3tHx1citWdQAq3UsGT8yxMQkYyZzU0h7bwNR6k6jy7NblAYEGNaas9
aMBxkL80QR8HvQmalMHgexC/bgg8grmf0ZzBmJcW9/zdYXcwPPn3dcukLQqXNo4o
CgBDmLScJS9/0ULAk1MUgtb+FgmgI+u4pKqr6BRuEOCuyU8Pu4t0DzG/g7sVdCf4
EzVTrYjFLstd+waAj0TD4fCMDzrtc920Kfetxoq0tUkBj25KrWLrkhzgVCRd+GP8
o4IMT1AVuwxdmUQxsaQIC7qRWtYOwsGD4eSYXyZWfNvhacRm7QCNVGcYiw7bdd/u
Q6eST5657wg/kFHQybkilyZ2DhyToMzW6kBkbXazY2ITiAegwp8=
=uZLp
-----END PGP SIGNATURE-----
| VAR-201909-0090 | CVE-2019-3766 | Dell EMC ECS Vulnerable to improper restriction of excessive authentication attempts |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive authentication attempts vulnerability. An unauthenticated remote attacker may potentially perform a password brute-force attack to gain access to the targeted accounts. Dell EMC Elastic Cloud Storage (ECS) is a set of software-defined object storage systems from Dell. The vulnerability stems from the fact that the program does not restrict excessive authentication requests