CVE-2019-8661 – macOS iMessage - Heap Overflow when Deserializing
https://notcve.org/view.php?id=CVE-2019-8661
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Mojave 10.14.6. A remote attacker may be able to cause arbitrary code execution. Un problema de uso de la memoria previamente liberada fue abordado con una gestión de memoria mejorada. Este problema es corregido en macOS Mojave versión 10.14.6. • https://www.exploit-db.com/exploits/47207 https://support.apple.com/HT210348 • CWE-416: Use After Free •
CVE-2019-8694
https://notcve.org/view.php?id=CVE-2019-8694
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6. An application may be able to execute arbitrary code with kernel privileges. Un problema de corrupción de memoria fue abordado mejorando el manejo de la memoria. Este problema es corregido en macOS Mojave versión 10.14.6. • https://support.apple.com/HT210348 • CWE-787: Out-of-bounds Write •
CVE-2019-8691 – Apple macOS AMDRadeonX4000_AMDSIGLContext RsrcAndXorByteFlag Out-Of-Bounds Read Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-8691
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.6. An application may be able to read restricted memory. Un problema de comprobación fue abordado mejorando el saneamiento de la entrada. Este problema es corregido en macOS Mojave versión 10.14.6. • https://support.apple.com/HT210348 • CWE-125: Out-of-bounds Read •
CVE-2019-8692 – Apple macOS AMDRadeonX4000 Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-8692
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.6. An application may be able to read restricted memory. Un problema de comprobación fue abordado mejorando el saneamiento de la entrada. Este problema es corregido en macOS Mojave versión 10.14.6. • https://support.apple.com/HT210348 • CWE-125: Out-of-bounds Read •
CVE-2019-8656
https://notcve.org/view.php?id=CVE-2019-8656
This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. Extracting a zip file containing a symbolic link to an endpoint in an NFS mount that is attacker controlled may bypass Gatekeeper. Esto se abordó con comprobaciones adicionales mediante Gatekeeper de los archivos montados por medio de un recurso compartido de red. Este problema se corrigió en macOS Mojave versión 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. • https://github.com/D00MFist/CVE-2019-8656 https://support.apple.com/en-us/HT210348 •