CVE-2019-8516
https://notcve.org/view.php?id=CVE-2019-8516
A validation issue was addressed with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted string may lead to a denial of service. Se solucionó un problema de comprobación con una lógica mejorada. Este problema es corregido en iOS versión 12.2, macOS Mojave versión 10.14.4, tvOS versión 12.2, watchOS versión 5.2. • https://support.apple.com/HT209599 https://support.apple.com/HT209600 https://support.apple.com/HT209601 https://support.apple.com/HT209602 • CWE-20: Improper Input Validation •
CVE-2019-8524 – Apple Safari GraphicsContext Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8524
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.2, tvOS versión 12.2, Safari versión 12.1, iTunes versión 12.9.4 para Windows, iCloud para Windows versión 7.11. • https://support.apple.com/HT209599 https://support.apple.com/HT209601 https://support.apple.com/HT209603 https://support.apple.com/HT209604 https://support.apple.com/HT209605 https://access.redhat.com/security/cve/CVE-2019-8524 https://bugzilla.redhat.com/show_bug.cgi?id=1719209 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-787: Out-of-bounds Write •
CVE-2019-8517 – Apple macOS StreamFlatFont Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-8517
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. Processing a maliciously crafted font may result in the disclosure of process memory. Una lectura fuera de límites se abordó con una mejor comprobación de límites. Este problema es corregido en iOS versión 12.2, macOS Mojave versión 10.14.4, tvOS versión 12.2, watchOS versión 5.2. • https://support.apple.com/HT209599 https://support.apple.com/HT209600 https://support.apple.com/HT209601 https://support.apple.com/HT209602 • CWE-125: Out-of-bounds Read •
CVE-2019-8906
https://notcve.org/view.php?id=CVE-2019-8906
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. do_core_note en readelf.c en libmagic.a en la versión 5.35 de file tiene una lectura fuera de límites debido a una mala utilización de memcpy. • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html https://bugs.astron.com/view.php?id=64 https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f https://support.apple.com/kb/HT209599 https://support.apple.com/kb/HT209600 https://support.apple.com/kb/HT209601 https://support.apple.com/kb/HT209602 https://usn.ubuntu.com/3911-1 • CWE-125: Out-of-bounds Read •
CVE-2019-6233 – Apple Safari RenderBlockFlow Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6233
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de corrupción de memoria con la mejora de la gestión de memoria. Este problema se ha resuelto en iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 para Windows y iCloud para Windows 7.10. • http://www.securityfocus.com/bid/106691 https://security.gentoo.org/glsa/201903-12 https://support.apple.com/HT209443 https://support.apple.com/HT209447 https://support.apple.com/HT209449 https://support.apple.com/HT209450 https://support.apple.com/HT209451 • CWE-787: Out-of-bounds Write •