Description
Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code, perform cross-site scripting attack.
Below is a complete list of vulnerabilities:
- A memory corruption vulnerability in AppleKeyStore can be exploited to bypass security restrictions;
- An out-of-bounds read vulnerability in Core Media can be exploited to gain privileges;
- Multiple memory corruption vulnerabilities in SQLite can be exploited remotely to execute arbitrary code;
- A type confusion vulnerability in WebKit can be exploited remotely to execute arbitrary code;
- Multiple memory corruption vulnerabilities in WebKit can be exploited remotely to execute arbitrary code;
- A logic issue in WebKit can be exploited remotely to perform cross-site scripting attacks.
Original advisories
Exploitation
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
CVE list
- CVE-2019-6235 critical
- CVE-2019-6221 high
- CVE-2018-20346 high
- CVE-2018-20505 warning
- CVE-2018-20506 high
- CVE-2019-6215 high
- CVE-2019-6212 high
- CVE-2019-6216 high
- CVE-2019-6217 high
- CVE-2019-6226 high
- CVE-2019-6227 high
- CVE-2019-6233 high
- CVE-2019-6234 high
- CVE-2019-6229 warning
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!