exploit the possibilities

Apple Security Advisory 2019-10-29-7

Apple Security Advisory 2019-10-29-7
Posted Nov 1, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-10-29-7 - Safari 13 addresses code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple
advisories | CVE-2019-8625, CVE-2019-8674, CVE-2019-8707, CVE-2019-8719, CVE-2019-8726, CVE-2019-8728, CVE-2019-8733, CVE-2019-8734, CVE-2019-8735
MD5 | b8a854411133161eda404295b80e58bc

Apple Security Advisory 2019-10-29-7

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2019-10-29-7 Additional information
for APPLE-SA-2019-9-26-4 Safari 13

Safari 13 addresses the following:

WebKit
Available for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8625: Sergei Glazunov of Google Project Zero
CVE-2019-8719: Sergei Glazunov of Google Project Zero
Entry added October 29, 2019

WebKit
Available for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-8707: an anonymous researcher working with Trend Micro's
Zero Day Initiative, cc working with Trend Micro Zero Day Initiative
CVE-2019-8726: Jihui Lu of Tencent KeenLab
CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of
ABLY Corporation
CVE-2019-8733: Sergei Glazunov of Google Project Zero
CVE-2019-8734: found by OSS-Fuzz
CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative
Entry added October 29, 2019

WebKit Page Loading
Available for: macOS Mojave 10.14.6 and macOS High Sierra 10.13.6
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2019-8674: Sergei Glazunov of Google Project Zero

Additional recognition

WebKit
We would like to acknowledge MinJeong Kim of Information Security
Lab, Chungnam National University, JaeCheol Ryou of the Information
Security Lab, Chungnam National University in South Korea, Yiğit Can
YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an
anonymous researcher, and cc working with Trend Micro's Zero Day
Initiative for their assistance.

Installation note:

Safari 13 may be obtained from the Mac App Store.

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQJdBAEBCABHFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24p5YpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQBz4uGe3y0M00kRAA
tOJHN3d53CphHqulCJAI5yuhbbNWq14bv4eEMckxYha3i84y8SZyz2f7K/sN6UKz
/04FqhUJFE5ngD4dXN2WsA6w4Ncd/BA3/KLUpE6YIU7RmLLF5VsU40OxNi66BEoW
OX/BX3eNEHoAr8x7Lg+XNHPB3brZySG+gthwn0UJsq6hiruqvJhiA4tvO4p+FeIy
a1lWWlINPB8fR92Rhp/57aRGpwnaSLJXqjOkuW7rT9sW/RjFtxs2eHXyutmK4wJ0
SoXh4iJr7w+4DyhX5igduy5W/2cKks0+DF6Dp0Zd9cyo8DcD9t8eiTj9sWusfKj8
jwVSw4tiFQCQxns7Ud+EwdGgOMqWzzlcD4WPV80LySJm5ba0mTCS0hJ3aLJV/mvC
DN5zJcreFetR3zH21XNIZUDwLrByaIzUafnnAh+z1HHyyMSz6xxoZDiTe0ZIhoCN
7zlIBtj4m1CYKpTHG2xTkHZCJHb3XRCx27rtPvtn0p9S/1hpHdlYkQEZr1yPUAhj
qfOdnm3B2Yj0D9AoaYY5Lq4RhxkAU/D6D9tpkj09vBOBN7cFqgscSeCWF2evTOSP
BUM/zn7crJJQ2rsFnJqiu5VrQ076Xp42/pYCvvL0dyaqiMq38H3OgEso9tm3ol19
bhdIF9Lt+f6ADw1tM+4wMkExo/JxyARQGc/Hoc43a8s=
=PATl
-----END PGP SIGNATURE-----


Login or Register to add favorites

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    17 Files
  • 25
    Jan 25th
    34 Files
  • 26
    Jan 26th
    23 Files
  • 27
    Jan 27th
    24 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close