Kaspersky ID:
KLA11456
Дата обнаружения:
25/03/2019
Обновлено:
22/01/2024

Описание

Multiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack, obtain sensitive information, bypass security restrictions and gain privileges.

Below is a complete list of vulnerabilities:

  1. A type confusion vulnerability in WebKit can be exploited remotely to execute arbitrary code;
  2. Multiple memory corruption vulnerabilities can be exploited remotely to execute arbitrary code;
  3. Multiple logic vulnerabilities in WebKit can be exploited remotely to perform cross-site scripting attack;
  4. A validation vulnerability in WebKit can be exploited remotely to obtain sensitive information;
  5. A memory corruption vulnerability can be exploited loccaly to bypass security restrictions;
  6. A buffer overflow vulnerability in CoreCrypto can be exploited locally to elevate privileges;
  7. A race condition vulnerability can be exploited locally to execute code execution;
  8. A cross-origin vulnerability in WebKit can be exploited locally to obtain sensitive information;

Первичный источник обнаружения

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

  • CVE-2019-7285
    critical
  • CVE-2019-6201
    critical
  • CVE-2019-8506
    critical
  • CVE-2019-8518
    critical
  • CVE-2019-8563
    high
  • CVE-2019-8544
    critical
  • CVE-2019-8551
    warning
  • CVE-2019-8535
    critical
  • CVE-2019-8523
    critical
  • CVE-2019-8559
    high
  • CVE-2019-8558
    high
  • CVE-2019-8503
    critical
  • CVE-2019-8556
    high
  • CVE-2019-7292
    warning
  • CVE-2019-8524
    high
  • CVE-2019-8536
    critical
  • CVE-2019-8542
    high
  • CVE-2019-8515
    warning
  • CVE-2019-6232
    critical
  • CVE-2019-6236
    critical
  • CVE-2019-8639
    high
  • CVE-2019-8638
    high

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.