Kaspersky Threats

KLA11409
Multiple vulnerabilities in Apple iCloud

Обновлено: 18/06/2020

Дата обнаружения	11/02/2019
Уровень угрозы	Critical
Описание	Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack. Below is a complete list of vulnerabilities: Multiple memory corruption vulnerabilities in SQLite can be exploited remotely to execute arbitrary code; A type confusion vulnerability in WebKit can be exploited remotely to execute arbitrary code; Multiple memory corruption vulnerabilities in WebKit can be exploited remotely to execute arbitrary code; A logic issue in WebKit can be exploited remotely to perform cross-site scripting attacks.
Пораженные продукты	Apple iCloud earlier than 7.10
Решение	Update to the latest version Download iCloud for Windows
Первичный источник обнаружения	About the security content of iCloud for Windows 7.10
Оказываемое влияние ?	ACE [?]
Связанные продукты	Apple iCloud
CVE-IDS	CVE-2018-203467.5Critical CVE-2018-205050.0Unknown CVE-2018-205060.0Unknown CVE-2019-62158.8Critical CVE-2019-62128.8Critical CVE-2019-62168.8Critical CVE-2019-62178.8Critical CVE-2019-62268.8Critical CVE-2019-62278.8Critical CVE-2019-62338.8Critical CVE-2019-62348.8Critical CVE-2019-62296.1High
Эксплуатация	The following public exploits exists for this vulnerability: https://www.exploit-db.com/exploits/46448