exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Apple Security Advisory 2019-10-29-7

Apple Security Advisory 2019-10-29-7
Posted Nov 1, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-10-29-7 - Safari 13 addresses code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple
advisories | CVE-2019-8625, CVE-2019-8674, CVE-2019-8707, CVE-2019-8719, CVE-2019-8726, CVE-2019-8728, CVE-2019-8733, CVE-2019-8734, CVE-2019-8735
SHA-256 | 03a2dfda164ab288722395efc4dacce0fb3068d01626f72fbff5275d82e59f8e

Apple Security Advisory 2019-10-29-7

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2019-10-29-7 Additional information
for APPLE-SA-2019-9-26-4 Safari 13

Safari 13 addresses the following:

WebKit
Available for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8625: Sergei Glazunov of Google Project Zero
CVE-2019-8719: Sergei Glazunov of Google Project Zero
Entry added October 29, 2019

WebKit
Available for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8707: an anonymous researcher working with Trend Micro's
Zero Day Initiative, cc working with Trend Micro Zero Day Initiative
CVE-2019-8726: Jihui Lu of Tencent KeenLab
CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of
ABLY Corporation
CVE-2019-8733: Sergei Glazunov of Google Project Zero
CVE-2019-8734: found by OSS-Fuzz
CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative
Entry added October 29, 2019

WebKit Page Loading
Available for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8674: Sergei Glazunov of Google Project Zero

Additional recognition

WebKit
We would like to acknowledge MinJeong Kim of Information Security
Lab, Chungnam National University, JaeCheol Ryou of the Information
Security Lab, Chungnam National University in South Korea, Yiğit Can
YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an
anonymous researcher, and cc working with Trend Micro's Zero Day
Initiative for their assistance.

Installation note:

Safari 13 may be obtained from the Mac App Store.

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQJdBAEBCABHFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24p5YpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQBz4uGe3y0M00kRAA
tOJHN3d53CphHqulCJAI5yuhbbNWq14bv4eEMckxYha3i84y8SZyz2f7K/sN6UKz
/04FqhUJFE5ngD4dXN2WsA6w4Ncd/BA3/KLUpE6YIU7RmLLF5VsU40OxNi66BEoW
OX/BX3eNEHoAr8x7Lg+XNHPB3brZySG+gthwn0UJsq6hiruqvJhiA4tvO4p+FeIy
a1lWWlINPB8fR92Rhp/57aRGpwnaSLJXqjOkuW7rT9sW/RjFtxs2eHXyutmK4wJ0
SoXh4iJr7w+4DyhX5igduy5W/2cKks0+DF6Dp0Zd9cyo8DcD9t8eiTj9sWusfKj8
jwVSw4tiFQCQxns7Ud+EwdGgOMqWzzlcD4WPV80LySJm5ba0mTCS0hJ3aLJV/mvC
DN5zJcreFetR3zH21XNIZUDwLrByaIzUafnnAh+z1HHyyMSz6xxoZDiTe0ZIhoCN
7zlIBtj4m1CYKpTHG2xTkHZCJHb3XRCx27rtPvtn0p9S/1hpHdlYkQEZr1yPUAhj
qfOdnm3B2Yj0D9AoaYY5Lq4RhxkAU/D6D9tpkj09vBOBN7cFqgscSeCWF2evTOSP
BUM/zn7crJJQ2rsFnJqiu5VrQ076Xp42/pYCvvL0dyaqiMq38H3OgEso9tm3ol19
bhdIF9Lt+f6ADw1tM+4wMkExo/JxyARQGc/Hoc43a8s=
=PATl
-----END PGP SIGNATURE-----


Login or Register to add favorites

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close