CVE-2019-8622 – Apple macOS < 10.14.5 / iOS < 12.3 DFG JIT Compiler - 'HasIndexedProperty' Use-After-Free
https://notcve.org/view.php?id=CVE-2019-8622
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, Safari 12.1.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://www.exploit-db.com/exploits/46888 https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210122 https://support.apple.com/HT210123 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 https://access.redhat.com/security/cve/CVE-2019-8622 https://bugzilla.redhat.com/show_bug.cgi?id=1877048 • CWE-787: Out-of-bounds Write •
CVE-2019-8623 – Apple macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable Uninitialized
https://notcve.org/view.php?id=CVE-2019-8623
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, watchOS versión 5.2.1, Safari 12.1.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://www.exploit-db.com/exploits/46889 https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210122 https://support.apple.com/HT210123 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 https://access.redhat.com/security/cve/CVE-2019-8623 https://bugzilla.redhat.com/show_bug.cgi?id=1877049 • CWE-787: Out-of-bounds Write •
CVE-2019-8611 – Apple macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - AIR Optimization Incorrectly Removes Assignment to Register
https://notcve.org/view.php?id=CVE-2019-8611
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, Safari 12.1.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. Processing maliciously crafted web content may lead to arbitrary code execution. Múltiples problemas de corrupción de memoria fueron abordados mejorando el manejo de la memoria. Este problema es corregido en iOS versión 12.3, macOS Mojave versión 10.14.5, tvOS versión 12.3, Safari versión 12.1.1, iTunes para Windows versión 12.9.5, iCloud para Windows versión 7.12. • https://www.exploit-db.com/exploits/46890 https://support.apple.com/HT210118 https://support.apple.com/HT210119 https://support.apple.com/HT210120 https://support.apple.com/HT210123 https://support.apple.com/HT210124 https://support.apple.com/HT210125 https://support.apple.com/HT210212 https://access.redhat.com/security/cve/CVE-2019-8611 https://bugzilla.redhat.com/show_bug.cgi?id=1877046 • CWE-787: Out-of-bounds Write •
CVE-2019-8603 – Apple Safari cfAttributedStringUnserialize Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8603
A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5. An application may be able to read restricted memory. Un problema de comprobación fue abordado mejorando el saneamiento de la entrada. Este problema es corregido en macOS Mojave versión 10.14.5. • https://support.apple.com/HT210119 • CWE-125: Out-of-bounds Read •
CVE-2019-8589
https://notcve.org/view.php?id=CVE-2019-8589
This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.5. A malicious application may bypass Gatekeeper checks. Este problema fue abordado con comprobaciones mejoradas. Este problema es corregido en macOS Mojave versión 10.14.5. • https://support.apple.com/HT210119 •