KLA11456
Multiple vulnerabilities in Apple iCloud

Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack, obtain sensitive information, bypass security restrictions and gain privileges.

Below is a complete list of vulnerabilities:

1. A type confusion vulnerability in WebKit can be exploited remotely to execute arbitrary code;
2. Multiple memory corruption vulnerabilities can be exploited remotely to execute arbitrary code;
3. Multiple logic vulnerabilities in WebKit can be exploited remotely to perform cross-site scripting attack;
4. A validation vulnerability in WebKit can be exploited remotely to obtain sensitive information;
5. A memory corruption vulnerability can be exploited loccaly to bypass security restrictions;
6. A buffer overflow vulnerability in CoreCrypto can be exploited locally to elevate privileges;
7. A race condition vulnerability can be exploited locally to execute code execution;
8. A cross-origin vulnerability in WebKit can be exploited locally to obtain sensitive information;

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Apple iCloud earlier than 7.11

Update to the latest version
Download iCloud

HT209605