Multiple vulnerabilities in Apple iCloud

Description

Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack, cause denial of service.

Below is a complete list of vulnerabilities:

1. A memory corruption vulnerability in libxslt can be exploited remotely to execute arbitrary code;
2. Vulnerabilitiy in WebKit can be exploited remotely via specially crafted text file to execute arbitrary code;
3. Multiple memory corruption vulnerabilities in WebKit Process Model can be exploited to execute arbitrary code;
4. Multiple memory corruption vulnerabilities in WebKit can be exploited to execute arbitrary code;
5. A logic vulnerability in WebKit can be exploited to perform cross-site scripting attacks;
6. A memory corruption vulnerability in Graphics Driver can be exploited to execute arbitrary code;
7. The HTTP referrer header vulnerability in WebKit can be exploited to obtain sensitive information.

Original advisories

• HT210728

• HT210727

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Apple-iCloud

CVE list

• CVE-2019-8750
  critical
• CVE-2019-8710
  critical
• CVE-2019-8766
  critical
• CVE-2019-8815
  critical
• CVE-2019-8782
  critical
• CVE-2019-8822
  critical
• CVE-2019-8823
  critical
• CVE-2019-8783
  critical
• CVE-2019-8811
  critical
• CVE-2019-8813
  high
• CVE-2019-8814
  critical
• CVE-2019-8819
  critical
• CVE-2019-8816
  critical
• CVE-2019-8784
  critical
• CVE-2019-8820
  critical
• CVE-2019-8821
  critical
• CVE-2019-8827
  warning

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com