Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
appleAppleAPPLE:HT210590
HistoryApr 01, 2020 - 3:57 a.m.

About the security content of iOS 12.4.2 - Apple Support

2020-04-0103:57:17
support.apple.com
15

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

About Apple security updates

For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.

Apple security documents reference vulnerabilities by CVE-ID when possible.

For more information about security, see the Apple Product Security page.

iOS 12.4.2

Released September 26, 2019

Foundation

Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPad touch 6th generation

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project Zero

Entry updated February 11, 2020

CPENameOperatorVersion
ioslt12.4.2

Related

apple 7
githubexploit 1
nessus 5
zdt 2
prion 1
cve 1
googleprojectzero 5
threatpost 1
thn 1
openvas 1
apple
apple
About the security content of macOS Mojave 10.14.6 Supplemental Update 2, Security Update 2019-005 High Sierra, and Security Update 2019-005 Sierra - Apple Support
2020-02-11 07:03:24
About the security content of iOS 12.4.2
2019-09-26 00:00:00
About the security content of watchOS 5.3.2
2019-09-26 00:00:00
githubexploit
githubexploit
Exploit for Out-of-bounds Read in Apple Iphone Os
2020-05-29 07:37:15
nessus
nessus
macOS 10.14.x < 10.14.6 SU2 / 10.13.x < 10.13.6 Update 2019-005 / 10.12.x < 10.12.6 Update 2019-005 Out-of-Bounds Read Vulnerability
2019-09-30 00:00:00
Apple iOS < 13.0 Multiple Vulnerabilities
2019-10-04 00:00:00
Apple TV < 12.4 Multiple Vulnerabilities
2019-07-26 00:00:00
zdt
zdt
iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of Bounds Exploit
2019-09-26 00:00:00
iMessage - Decoding NSSharedKeyDictionary can read ObjC Object at Attacker Controlled Address
2019-11-11 00:00:00
prion
prion
Input validation
2019-12-18 18:15:00
cve
cve
CVE-2019-8641
2019-12-18 18:15:00
googleprojectzero
googleprojectzero
MMS Exploit Part 3: Constructing the Memory Corruption Primitives
2020-07-28 00:00:00
Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641
2020-01-09 00:00:00
Remote iPhone Exploitation Part 3: From Memory Corruption to JavaScript and Back -- Gaining Code Execution
2020-01-09 00:00:00
threatpost
threatpost
Apple iMessage Flaw Allows Remote Attackers to Read iPhone Messages
2019-07-30 19:22:02
thn
thn
Google Researchers Disclose PoCs for 4 Remotely Exploitable iOS Flaws
2019-07-30 11:21:00
openvas
openvas
Apple Mac OS X Security Updates (HT210348)-01
2019-07-23 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for APPLE:HT210590
apple7githubexploit1nessus5zdt2prion1cve1googleprojectzero5threatpost1thn1openvas1