Description
Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack, obtain sensitive information, bypass security restrictions and gain privileges.
Below is a complete list of vulnerabilities:
- A type confusion vulnerability in WebKit can be exploited remotely to execute arbitrary code;
- Multiple memory corruption vulnerabilities can be exploited remotely to execute arbitrary code;
- Multiple logic vulnerabilities in WebKit can be exploited remotely to perform cross-site scripting attack;
- A validation vulnerability in WebKit can be exploited remotely to obtain sensitive information;
- A memory corruption vulnerability can be exploited loccaly to bypass security restrictions;
- A buffer overflow vulnerability in CoreCrypto can be exploited locally to elevate privileges;
- A cross-origin vulnerability in WebKit can be exploited locally to obtain sensitive information;
Original advisories
Exploitation
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
CVE list
- CVE-2019-7285 critical
- CVE-2019-6201 critical
- CVE-2019-8506 critical
- CVE-2019-8518 critical
- CVE-2019-8563 critical
- CVE-2019-8544 critical
- CVE-2019-8551 high
- CVE-2019-8535 critical
- CVE-2019-8523 critical
- CVE-2019-8559 critical
- CVE-2019-8558 critical
- CVE-2019-8503 critical
- CVE-2019-8556 critical
- CVE-2019-7292 high
- CVE-2019-8562 critical
- CVE-2019-8524 critical
- CVE-2019-8536 critical
- CVE-2019-8542 critical
- CVE-2019-8515 high
- CVE-2019-8639 critical
- CVE-2019-8638 critical
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!