CVE-2019-8598
https://notcve.org/view.php?id=CVE-2019-8598
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. A malicious application may be able to read restricted memory. Un problema de comprobación de entrada fue abordado mejorando la comprobación de entrada. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://research.checkpoint.com/2019/select-code_execution-from-using-sqlite https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210122 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2019-8605 – Apple Multiple Products Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2019-8605
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. A malicious application may be able to execute arbitrary code with system privileges. Un problema de uso de la memoria previamente liberada fue abordado con una gestión de memoria mejorada. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1. • https://www.exploit-db.com/exploits/47409 https://www.exploit-db.com/exploits/46892 https://github.com/1nteger-c/CVE-2019-8605 https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210122 • CWE-416: Use After Free •
CVE-2019-8599
https://notcve.org/view.php?id=CVE-2019-8599
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 12.3. A person with physical access to an iOS device may be able to see the email address used for iTunes. Un problema lógico fue abordado con restricciones mejoradas. Este problema es corregido en iOS versión 12.3. • https://support.apple.com/HT210118 •
CVE-2019-8607 – webkitgtk: Out-of-bounds read leading to memory disclosure
https://notcve.org/view.php?id=CVE-2019-8607
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may result in the disclosure of process memory. Una lectura fuera de límites fue abordada con una comprobación de entrada mejorada. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, Safari 12.1.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210122 https://support.apple.com/HT210123 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 https://access.redhat.com/security/cve/CVE-2019-8607 https://bugzilla.redhat.com/show_bug.cgi?id=1876897 • CWE-125: Out-of-bounds Read •
CVE-2019-8593
https://notcve.org/view.php?id=CVE-2019-8593
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, tvOS versión 12.3, watchOS versión 5.2.1. • https://support.apple.com/HT210118 https://support.apple.com/HT210120 https://support.apple.com/HT210122 • CWE-787: Out-of-bounds Write •