CVE-2019-8549
https://notcve.org/view.php?id=CVE-2019-8549
Multiple input validation issues existed in MIG generated code. These issues were addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to execute arbitrary code with system privileges. Existían múltiples problemas de comprobación de entrada en el código generado por MIG. • https://support.apple.com/HT209599 https://support.apple.com/HT209600 https://support.apple.com/HT209601 https://support.apple.com/HT209602 • CWE-20: Improper Input Validation •
CVE-2019-8536 – webkitgtk: malicious crafted web content leads to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8536
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, watchOS versión 5.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Windows versión 7.11. • https://support.apple.com/HT209599 https://support.apple.com/HT209601 https://support.apple.com/HT209602 https://support.apple.com/HT209603 https://support.apple.com/HT209604 https://support.apple.com/HT209605 https://access.redhat.com/security/cve/CVE-2019-8536 https://bugzilla.redhat.com/show_bug.cgi?id=1719213 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-787: Out-of-bounds Write •
CVE-2019-8518 – WebKit JavaScriptCore - Out-Of-Bounds Access in FTL JIT due to LICM Moving Array Access Before the Bounds Check
https://notcve.org/view.php?id=CVE-2019-8518
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordaron múltiples problemas de corrupción de memoria mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, watchOS versión 5.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Windows versión 7.11. • https://www.exploit-db.com/exploits/46649 https://support.apple.com/HT209599 https://support.apple.com/HT209601 https://support.apple.com/HT209602 https://support.apple.com/HT209603 https://support.apple.com/HT209604 https://support.apple.com/HT209605 https://access.redhat.com/security/cve/CVE-2019-8518 https://bugzilla.redhat.com/show_bug.cgi?id=1719206 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-787: Out-of-bounds Write •
CVE-2019-7292
https://notcve.org/view.php?id=CVE-2019-7292
A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may result in the disclosure of process memory. Se solucionó un problema de comprobación con una lógica mejorada. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, watchOS versión 5.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Windows versión 7.11. • https://support.apple.com/HT209599 https://support.apple.com/HT209601 https://support.apple.com/HT209602 https://support.apple.com/HT209603 https://support.apple.com/HT209604 https://support.apple.com/HT209605 • CWE-20: Improper Input Validation •
CVE-2019-8559 – webkitgtk: malicious web content leads to arbitrary code execution
https://notcve.org/view.php?id=CVE-2019-8559
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, watchOS versión 5.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Windows versión 7.11. • https://support.apple.com/HT209599 https://support.apple.com/HT209601 https://support.apple.com/HT209602 https://support.apple.com/HT209603 https://support.apple.com/HT209604 https://support.apple.com/HT209605 https://access.redhat.com/security/cve/CVE-2019-8559 https://bugzilla.redhat.com/show_bug.cgi?id=1719235 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-787: Out-of-bounds Write •