ID UB:CVE-2019-6227 Type ubuntucve Reporter ubuntu.com Modified 2019-03-05T00:00:00
Description
A memory corruption issue was addressed with improved memory handling. This
issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3,
iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously
crafted web content may lead to arbitrary code execution.
Notes
Author| Note
---|--- jdstrand | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8
{"cve": [{"lastseen": "2022-03-24T00:02:51", "description": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-03-05T16:29:00", "type": "cve", "title": "CVE-2019-6227", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6227"], "modified": "2020-08-24T17:37:00", "cpe": [], "id": "CVE-2019-6227", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-6227", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": []}], "debiancve": [{"lastseen": "2022-05-24T03:41:56", "description": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-03-05T16:29:00", "type": "debiancve", "title": "CVE-2019-6227", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6227"], "modified": "2019-03-05T16:29:00", "id": "DEBIANCVE:CVE-2019-6227", "href": "https://security-tracker.debian.org/tracker/CVE-2019-6227", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "thn": [{"lastseen": "2022-05-09T12:40:03", "description": "[](<https://thehackernews.com/images/-fbg2yqm-3uk/XEhy7Y74EZI/AAAAAAAAzHQ/CDHqVYmkHCgX93xHD-nYN1hYDtKKCzD_ACLcBGAs/s728-e100/ios12-remote-jailbreak-exploit.png>)\n\nHere we have great news for all iPhone Jailbreak lovers and concerning one for the rest of iPhone users. \n \nA Chinese cybersecurity researcher has today revealed technical details of critical vulnerabilities in Apple Safari web browser and iOS that could allow a remote attacker to jailbreak and compromise victims' iPhoneX running iOS 12.1.2 and before versions. \n \nTo do so, all an attacker needs to do is trick iPhoneX users into opening a specially crafted web page using Safari browser, that's it. \n \nHowever, finding flaws and creating a working exploit to carry out such attacks is not as easy as it may sound for every iOS hacker. \n \nDiscovered by security researcher [Qixun Zhao](<https://twitter.com/S0rryMybad>) of Qihoo 360's Vulcan Team, the exploit takes advantage of two security vulnerabilities that were first demonstrated at [TianfuCup](<https://www.tianfucup.com/#pwn>) hacking contest held in November last year and then was later responsibly reported to the Apple security team. \n \nZhao today released some [details](<https://blogs.360.cn/post/IPC%20Voucher%20UaF%20Remote%20Jailbreak%20Stage%202%20\\(EN\\).html>) of and a proof-of-concept video demonstration for his exploit, which he dubbed \"**Chaos**,\" after Apple just yesterday released [iOS version 12.1.3](<https://support.apple.com/en-us/HT209443>) to patch the issues. \n\n\nAccording to the researcher, the remote Jailbreak exploit is a combination of two vulnerabilities, i.e., a type confusion memory corruption flaw (CVE-2019-6227) in Apple's Safari WebKit and a use-after-free memory corruption issue (CVE-2019-6225) in iOS Kernel. \n \nAs shown in the video demonstration of the Chaos iPhone X jailbreak exploit, the Safari flaw allowed maliciously crafted web content to execute arbitrary code on the targeted device, which then used the second bug to elevate privileges and install a malicious application silently. \n \nHowever, the researcher has chosen not to publish the code for iOS jailbreak in an attempt to prevent malicious attacks against Apple users and hopes that the jailbreak community would use this information to soon come up with a suitable jailbreak exploit for users. \n\n\n> \"I will not release the exploit code, if you want to jailbreak, you will need to complete the exploit code yourself or wait for the jailbreak community's release. At the same time, I will not mention the exploit details of the post exploit, as this is handled by the jailbreak community,\" Zhao said.\n\nAt this moment, based upon the remote nature of this attack and wide threat surface, it is highly recommended for iPhone users to install the latest iOS update as soon as possible, rather waiting for a jailbreak. \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-01-23T14:09:00", "type": "thn", "title": "Chinese Hacker Publishes PoC for Remote iOS 12 Jailbreak On iPhone X", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6225", "CVE-2019-6227"], "modified": "2019-01-23T14:09:11", "id": "THN:9514A8EEA12D4DECCEC1E146DCB598F4", "href": "https://thehackernews.com/2019/01/ios12-jailbreak-exploit.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "threatpost": [{"lastseen": "2019-11-08T07:14:07", "description": "A Chinese security researcher has published what he claims is a proof-of-concept exploit that would allow a remote attacker to jailbreak an iPhoneX, unbeknownst to the user \u2013 allowing them to gain access to a victim\u2019s data, processing power and more.\n\nQixun Zhao of Qihoo 360 built the exploit, which he calls \u201cChaos,\u201d around previously disclosed critical vulnerabilities in the Apple Safari web browser and iOS, which Apple [patched this week](<https://support.apple.com/en-us/HT209443>) with iOS version 12.1.3.\n\nPhones running iOS 12.1.2 and earlier versions are still vulnerable to Chaos, which employs two security vulnerabilities that were first demonstrated at TianfuCup hacking contest last November: A memory corruption flaw in Apple\u2019s Safari WebKit ([CVE-2019-6227](<https://vuldb.com/?id.130094>)); and a use-after-free memory corruption issue in the iOS kernel ([CVE-2019-6225](<https://vuldb.com/?id.130108>)).\n\nThe first vulnerability would allow a malefactor to create a malicious web page using the Safari browser, containing scripts for executing arbitrary code on a targeted device. Once that code is executed, an attacker can use the second flaw to gain elevated privileges and stealthily install a malicious application of his or her choice.\n\nThat application can be any kind of malware, built for eavesdropping or other espionage, ad fraud, premium SMS fraud, cryptomining or a raft of other nefarious activities, the researcher said.\n\nThe attack does of course have a social-engineering aspect; victims would need to be enticed to visit the malicious webpage via Safari on their iPhone Xs.\n\nWhile the researcher published a [PoC video](<https://youtu.be/JznReTetgOI>), he has opted not to publish the jailbreak code itself, given the potentially large attack surface.\n\n\u201cI will not release the exploit code, if you want to jailbreak, you will need to complete the exploit code yourself or wait for the jailbreak community\u2019s release,\u201d he said in a [technical write-up](<http://blogs.360.cn/post/IPC%20Voucher%20UaF%20Remote%20Jailbreak%20Stage%202%20\\(EN\\).html>) of the exploit on Wednesday. \u201cAt the same time, I will not mention the exploit details of the post exploit, as this is handled by the jailbreak community.\u201d\n\nInterestingly, the news comes shortly after exploit acquisition vendor Zerodium said that it is [upping its payouts](<https://threatpost.com/zerodium-raises-zero-day-payout-ceiling-to-2m/140624/>) for full, working exploits across its entire program. Apple attacks fetch the highest price: It\u2019s now paying $2 million for remote iOS jailbreaks.\n\nThreatpost has reached out to Apple and will update this story with any comment.\n", "cvss3": {}, "published": "2019-01-23T16:23:22", "type": "threatpost", "title": "'Chaos' iPhone X Attack Alleges Remote Jailbreak", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2019-6225", "CVE-2019-6227"], "modified": "2019-01-23T16:23:22", "id": "THREATPOST:394AE7798F87078256D03647F95EF4AA", "href": "https://threatpost.com/chaos-iphone-x-jailbreak/141104/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-08-19T12:28:32", "description": "The Webkitgtk project reports :\n\nCVE-2019-6212 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6215 - Processing maliciously crafted web content may lead to arbitrary code execution. A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6216 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6217 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6226 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6227 - Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6229 - Processing maliciously crafted web content may lead to universal cross site scripting. A logic issue was addressed with improved validation.\n\nCVE-2019-6233 - Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6234 - Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-02-25T00:00:00", "type": "nessus", "title": "FreeBSD : webkit-gtk -- Multiple vulnabilities (e3aacd6d-3d01-434c-9330-bc9efd40350f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234"], "modified": "2019-04-02T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:webkit-gtk2", "p-cpe:/a:freebsd:freebsd:webkit-gtk3", "p-cpe:/a:freebsd:freebsd:webkit2-gtk3", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_E3AACD6D3D01434C9330BC9EFD40350F.NASL", "href": "https://www.tenable.com/plugins/nessus/122413", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122413);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/04/02 21:54:17\");\n\n script_cve_id(\"CVE-2019-6212\", \"CVE-2019-6215\", \"CVE-2019-6216\", \"CVE-2019-6217\", \"CVE-2019-6226\", \"CVE-2019-6227\", \"CVE-2019-6229\", \"CVE-2019-6233\", \"CVE-2019-6234\");\n\n script_name(english:\"FreeBSD : webkit-gtk -- Multiple vulnabilities (e3aacd6d-3d01-434c-9330-bc9efd40350f)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Webkitgtk project reports :\n\nCVE-2019-6212 - Processing maliciously crafted web content may lead to\narbitrary code execution. Multiple memory corruption issues were\naddressed with improved memory handling.\n\nCVE-2019-6215 - Processing maliciously crafted web content may lead to\narbitrary code execution. A type confusion issue was addressed with\nimproved memory handling.\n\nCVE-2019-6216 - Processing maliciously crafted web content may lead to\narbitrary code execution. Multiple memory corruption issues were\naddressed with improved memory handling.\n\nCVE-2019-6217 - Processing maliciously crafted web content may lead to\narbitrary code execution. Multiple memory corruption issues were\naddressed with improved memory handling.\n\nCVE-2019-6226 - Processing maliciously crafted web content may lead to\narbitrary code execution. Multiple memory corruption issues were\naddressed with improved memory handling.\n\nCVE-2019-6227 - Processing maliciously crafted web content may lead to\narbitrary code execution. A memory corruption issue was addressed with\nimproved memory handling.\n\nCVE-2019-6229 - Processing maliciously crafted web content may lead to\nuniversal cross site scripting. A logic issue was addressed with\nimproved validation.\n\nCVE-2019-6233 - Processing maliciously crafted web content may lead to\narbitrary code execution. A memory corruption issue was addressed with\nimproved memory handling.\n\nCVE-2019-6234 - Processing maliciously crafted web content may lead to\narbitrary code execution. A memory corruption issue was addressed with\nimproved memory handling.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/security/WSA-2019-0001.html\"\n );\n # https://vuxml.freebsd.org/freebsd/e3aacd6d-3d01-434c-9330-bc9efd40350f.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d9ed359d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:webkit-gtk2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:webkit-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:webkit2-gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"webkit2-gtk3<2.22.6\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"webkit-gtk2>=0\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"webkit-gtk3>=0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:28:08", "description": "The remote host is affected by the vulnerability described in GLSA-201903-12 (WebkitGTK+: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details.\n Impact :\n\n An attacker could execute arbitrary code or conduct cross-site scripting.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-03-14T00:00:00", "type": "nessus", "title": "GLSA-201903-12 : WebkitGTK+: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234"], "modified": "2019-04-02T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:webkit-gtk", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201903-12.NASL", "href": "https://www.tenable.com/plugins/nessus/122834", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201903-12.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122834);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/04/02 21:54:17\");\n\n script_cve_id(\"CVE-2019-6212\", \"CVE-2019-6215\", \"CVE-2019-6216\", \"CVE-2019-6217\", \"CVE-2019-6226\", \"CVE-2019-6227\", \"CVE-2019-6229\", \"CVE-2019-6233\", \"CVE-2019-6234\");\n script_xref(name:\"GLSA\", value:\"201903-12\");\n\n script_name(english:\"GLSA-201903-12 : WebkitGTK+: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201903-12\n(WebkitGTK+: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in WebKitGTK+. Please\n review the referenced CVE identifiers for details.\n \nImpact :\n\n An attacker could execute arbitrary code or conduct cross-site\n scripting.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201903-12\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All WebkitGTK+ users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-libs/webkit-gtk-2.22.6'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:webkit-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-libs/webkit-gtk\", unaffected:make_list(\"ge 2.22.6\"), vulnerable:make_list(\"lt 2.22.6\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"WebkitGTK+\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:27:51", "description": "This update for webkit2gtk3 to version 2.22.6 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-6212: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of special crafted web-content.\n\n - CVE-2019-6215: Fixed a type confusion vulnerability which could allow arbitrary code execution during the processing of special crafted web-content.\n\n - CVE-2019-6216: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of special crafted web-content. \n\n - CVE-2019-6217: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of special crafted web-content. \n\n - CVE-2019-6226: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of special crafted web-content. \n\n - CVE-2019-6227: Fixed a memory corruption vulnerability which could allow arbitrary code execution during the processing of special crafted web-content.\n\n - CVE-2019-6229: Fixed a logic issue by improving validation which could allow arbitrary code execution during the processing of special crafted web-content.\n\n - CVE-2019-6233: Fixed a memory corruption vulnerability which could allow arbitrary code execution during the processing of special crafted web-content.\n\n - CVE-2019-6234: Fixed a memory corruption vulnerability which could allow arbitrary code execution during the processing of special crafted web-content.\n\nOther issues addressed :\n\n - Update to version 2.22.6 (bsc#1124937).\n\n - Kinetic scrolling slow down smoothly when reaching the ends of pages, instead of abruptly, to better match the GTK+ behaviour.\n\n - Fixed Web inspector magnifier under Wayland.\n\n - Fixed garbled rendering of some websites (e.g. YouTube) while scrolling under X11.\n\n - Fixed several crashes, race conditions, and rendering issues.\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update project.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-03-11T00:00:00", "type": "nessus", "title": "openSUSE Security Update : webkit2gtk3 (openSUSE-2019-309)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang", "p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0", "p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0", "p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0", "p-cpe:/a:novell:opensuse:webkit-jsc-4", "p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource", "p-cpe:/a:novell:opensuse:webkit2gtk3-devel", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk3-plugin-process-gtk2", "p-cpe:/a:novell:opensuse:webkit2gtk3-plugin-process-gtk2-debuginfo", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-309.NASL", "href": "https://www.tenable.com/plugins/nessus/122745", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-309.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122745);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-6212\", \"CVE-2019-6215\", \"CVE-2019-6216\", \"CVE-2019-6217\", \"CVE-2019-6226\", \"CVE-2019-6227\", \"CVE-2019-6229\", \"CVE-2019-6233\", \"CVE-2019-6234\");\n\n script_name(english:\"openSUSE Security Update : webkit2gtk3 (openSUSE-2019-309)\");\n script_summary(english:\"Check for the openSUSE-2019-309 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for webkit2gtk3 to version 2.22.6 fixes the following\nissues :\n\nSecurity issues fixed :\n\n - CVE-2019-6212: Fixed multiple memory corruption\n vulnerabilities which could allow arbitrary code\n execution during the processing of special crafted\n web-content.\n\n - CVE-2019-6215: Fixed a type confusion vulnerability\n which could allow arbitrary code execution during the\n processing of special crafted web-content.\n\n - CVE-2019-6216: Fixed multiple memory corruption\n vulnerabilities which could allow arbitrary code\n execution during the processing of special crafted\n web-content. \n\n - CVE-2019-6217: Fixed multiple memory corruption\n vulnerabilities which could allow arbitrary code\n execution during the processing of special crafted\n web-content. \n\n - CVE-2019-6226: Fixed multiple memory corruption\n vulnerabilities which could allow arbitrary code\n execution during the processing of special crafted\n web-content. \n\n - CVE-2019-6227: Fixed a memory corruption vulnerability\n which could allow arbitrary code execution during the\n processing of special crafted web-content.\n\n - CVE-2019-6229: Fixed a logic issue by improving\n validation which could allow arbitrary code execution\n during the processing of special crafted web-content.\n\n - CVE-2019-6233: Fixed a memory corruption vulnerability\n which could allow arbitrary code execution during the\n processing of special crafted web-content.\n\n - CVE-2019-6234: Fixed a memory corruption vulnerability\n which could allow arbitrary code execution during the\n processing of special crafted web-content.\n\nOther issues addressed :\n\n - Update to version 2.22.6 (bsc#1124937).\n\n - Kinetic scrolling slow down smoothly when reaching the\n ends of pages, instead of abruptly, to better match the\n GTK+ behaviour.\n\n - Fixed Web inspector magnifier under Wayland.\n\n - Fixed garbled rendering of some websites (e.g. YouTube)\n while scrolling under X11.\n\n - Fixed several crashes, race conditions, and rendering\n issues.\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1124937\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected webkit2gtk3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-plugin-process-gtk2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-plugin-process-gtk2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libjavascriptcoregtk-4_0-18-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libwebkit2gtk-4_0-37-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libwebkit2gtk3-lang-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"typelib-1_0-WebKit2-4_0-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"webkit-jsc-4-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"webkit-jsc-4-debuginfo-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"webkit2gtk-4_0-injected-bundles-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"webkit2gtk3-debugsource-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"webkit2gtk3-devel-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"webkit2gtk3-minibrowser-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"webkit2gtk3-minibrowser-debuginfo-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"webkit2gtk3-plugin-process-gtk2-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"webkit2gtk3-plugin-process-gtk2-debuginfo-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-32bit-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-2.22.6-21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-debuginfo-32bit-2.22.6-21.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:28:32", "description": "This update for webkit2gtk3 to version 2.22.6 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-6212: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of special crafted web-content.\n\nCVE-2019-6215: Fixed a type confusion vulnerability which could allow arbitrary code execution during the processing of special crafted web-content.\n\nCVE-2019-6216: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of special crafted web-content.\n\nCVE-2019-6217: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of special crafted web-content.\n\nCVE-2019-6226: Fixed multiple memory corruption vulnerabilities which could allow arbitrary code execution during the processing of special crafted web-content.\n\nCVE-2019-6227: Fixed a memory corruption vulnerability which could allow arbitrary code execution during the processing of special crafted web-content.\n\nCVE-2019-6229: Fixed a logic issue by improving validation which could allow arbitrary code execution during the processing of special crafted web-content.\n\nCVE-2019-6233: Fixed a memory corruption vulnerability which could allow arbitrary code execution during the processing of special crafted web-content.\n\nCVE-2019-6234: Fixed a memory corruption vulnerability which could allow arbitrary code execution during the processing of special crafted web-content.\n\nOther issues addressed: Update to version 2.22.6 (bsc#1124937).\n\nKinetic scrolling slow down smoothly when reaching the ends of pages, instead of abruptly, to better match the GTK+ behaviour.\n\nFixed Web inspector magnifier under Wayland.\n\nFixed garbled rendering of some websites (e.g. YouTube) while scrolling under X11.\n\nFixed several crashes, race conditions, and rendering issues.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-03-01T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2019:0511-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo", "p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore", "p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2", "p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo", "p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0511-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122531", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0511-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122531);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-6212\", \"CVE-2019-6215\", \"CVE-2019-6216\", \"CVE-2019-6217\", \"CVE-2019-6226\", \"CVE-2019-6227\", \"CVE-2019-6229\", \"CVE-2019-6233\", \"CVE-2019-6234\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2019:0511-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for webkit2gtk3 to version 2.22.6 fixes the following\nissues :\n\nSecurity issues fixed :\n\nCVE-2019-6212: Fixed multiple memory corruption vulnerabilities which\ncould allow arbitrary code execution during the processing of special\ncrafted web-content.\n\nCVE-2019-6215: Fixed a type confusion vulnerability which could allow\narbitrary code execution during the processing of special crafted\nweb-content.\n\nCVE-2019-6216: Fixed multiple memory corruption vulnerabilities which\ncould allow arbitrary code execution during the processing of special\ncrafted web-content.\n\nCVE-2019-6217: Fixed multiple memory corruption vulnerabilities which\ncould allow arbitrary code execution during the processing of special\ncrafted web-content.\n\nCVE-2019-6226: Fixed multiple memory corruption vulnerabilities which\ncould allow arbitrary code execution during the processing of special\ncrafted web-content.\n\nCVE-2019-6227: Fixed a memory corruption vulnerability which could\nallow arbitrary code execution during the processing of special\ncrafted web-content.\n\nCVE-2019-6229: Fixed a logic issue by improving validation which could\nallow arbitrary code execution during the processing of special\ncrafted web-content.\n\nCVE-2019-6233: Fixed a memory corruption vulnerability which could\nallow arbitrary code execution during the processing of special\ncrafted web-content.\n\nCVE-2019-6234: Fixed a memory corruption vulnerability which could\nallow arbitrary code execution during the processing of special\ncrafted web-content.\n\nOther issues addressed: Update to version 2.22.6 (bsc#1124937).\n\nKinetic scrolling slow down smoothly when reaching the ends of pages,\ninstead of abruptly, to better match the GTK+ behaviour.\n\nFixed Web inspector magnifier under Wayland.\n\nFixed garbled rendering of some websites (e.g. YouTube) while\nscrolling under X11.\n\nFixed several crashes, race conditions, and rendering issues.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124937\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6212/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6215/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6216/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6217/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6226/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6227/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6229/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6233/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6234/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190511-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a90e20aa\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2019-511=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch\nSUSE-SLE-WE-12-SP4-2019-511=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch\nSUSE-SLE-WE-12-SP3-2019-511=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-511=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2019-511=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-511=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-511=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-511=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-511=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2019-511=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-511=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2019-511=1\n\nSUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2019-511=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libjavascriptcoregtk-4_0-18-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwebkit2gtk-4_0-37-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"typelib-1_0-WebKit2-4_0-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"webkit2gtk-4_0-injected-bundles-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"webkit2gtk3-debugsource-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libjavascriptcoregtk-4_0-18-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwebkit2gtk-4_0-37-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"typelib-1_0-WebKit2-4_0-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"webkit2gtk-4_0-injected-bundles-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"webkit2gtk3-debugsource-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libjavascriptcoregtk-4_0-18-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwebkit2gtk-4_0-37-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"typelib-1_0-WebKit2-4_0-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk-4_0-injected-bundles-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk3-debugsource-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk3-devel-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"typelib-1_0-WebKit2-4_0-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"webkit2gtk-4_0-injected-bundles-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"webkit2gtk3-debugsource-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"typelib-1_0-WebKit2-4_0-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"webkit2gtk-4_0-injected-bundles-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.22.6-2.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"webkit2gtk3-debugsource-2.22.6-2.35.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkit2gtk3\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:27:12", "description": "The version of Apple Safari installed on the remote host is prior to 12.0.3. It is, therefore, affected by the following vulnerabilities :\n\n - Input-validation errors exist that allow memory corruption leading to arbitrary code execution. (CVE-2019-6212, CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6226, CVE-2019-6227, CVE-2019-6233, CVE-2019-6234)\n\n - Input-validation errors exist that allow an attacker to perform cross-site scripting attacks. (CVE-2019-6228, CVE-2019-6228)\n\nNote that Nessus Network Monitor has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-04-08T00:00:00", "type": "nessus", "title": "Apple Safari < 12.0.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234", "CVE-2019-6228"], "modified": "2019-04-08T00:00:00", "cpe": ["cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*"], "id": "700508.PRM", "href": "https://www.tenable.com/plugins/nnm/700508", "sourceData": "Binary data 700508.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:29:20", "description": "The version of Apple Safari installed on the remote macOS or Mac OS X host is prior to 12.0.3. It is, therefore, affected by the following vulnerabilities :\n\n - Input-validation errors exist that allow memory corruption leading to arbitrary code execution.\n (CVE-2019-6212, CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6226, CVE-2019-6227, CVE-2019-6233, CVE-2019-6234)\n\n - Input-validation errors exist that allow an attacker to perform cross-site scripting attacks. (CVE-2019-6228, CVE-2019-6228)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-25T00:00:00", "type": "nessus", "title": "macOS : Apple Safari < 12.0.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6228", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234"], "modified": "2019-10-31T00:00:00", "cpe": ["cpe:/a:apple:safari"], "id": "MACOSX_SAFARI12_0_3.NASL", "href": "https://www.tenable.com/plugins/nessus/121388", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121388);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/10/31 15:18:51\");\n\n script_cve_id(\n \"CVE-2019-6212\",\n \"CVE-2019-6215\",\n \"CVE-2019-6216\",\n \"CVE-2019-6217\",\n \"CVE-2019-6226\",\n \"CVE-2019-6227\",\n \"CVE-2019-6228\",\n \"CVE-2019-6229\",\n \"CVE-2019-6233\",\n \"CVE-2019-6234\"\n );\n script_bugtraq_id(\n 106691,\n 106692,\n 106696,\n 106699\n );\n\n script_name(english:\"macOS : Apple Safari < 12.0.3 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the Safari version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web browser installed on the remote macOS or Mac OS X host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple Safari installed on the remote macOS or Mac OS X\nhost is prior to 12.0.3. It is, therefore, affected by the following\nvulnerabilities :\n\n - Input-validation errors exist that allow memory\n corruption leading to arbitrary code execution.\n (CVE-2019-6212, CVE-2019-6215, CVE-2019-6216,\n CVE-2019-6217, CVE-2019-6226, CVE-2019-6227,\n CVE-2019-6233, CVE-2019-6234)\n\n - Input-validation errors exist that allow an attacker to\n perform cross-site scripting attacks. (CVE-2019-6228,\n CVE-2019-6228)\n\nNote that Nessus has not tested for these issues but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT209449\");\n # https://lists.apple.com/archives/security-announce/2019/Jan/msg00003.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3f718015\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple Safari version 12.0.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-6234\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:safari\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"macosx_Safari31.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Safari/Installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X or macOS\");\n\nif (!preg(pattern:\"Mac OS X 10\\.(12|13|14)([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"macOS Sierra 10.12 / macOS High Sierra 10.13 / macOS Mojave 10.14\");\n\ninstalled = get_kb_item_or_exit(\"MacOSX/Safari/Installed\", exit_code:0);\npath = get_kb_item_or_exit(\"MacOSX/Safari/Path\", exit_code:1);\nversion = get_kb_item_or_exit(\"MacOSX/Safari/Version\", exit_code:1);\n\nfixed_version = \"12.0.3\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n report = report_items_str(\n report_items:make_array(\n \"Path\", path,\n \"Installed version\", version,\n \"Fixed version\", fixed_version\n ),\n ordered_fields:make_list(\"Path\", \"Installed version\", \"Fixed version\")\n );\n security_report_v4(port:0, severity:SECURITY_WARNING, extra:report);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Safari\", version, path);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:29:10", "description": "The version of Apple iTunes installed on the remote Windows host is prior to 12.9.3. It is, therefore, affected by multiple vulnerabilities as referenced in the HT209450 advisory:\n\n - Multiple vulnerabilities exist due to input processing flaws in the WebKit component. An attacker may be able to leverage one of these vulnerability, by providing maliciously crafted web content, to execute arbitrary code on the host. (CVE-2019-6212, CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6226, CVE-2019-6227, CVE-2019-6233, CVE-2019-6234)\n\n - A universal cross-site scripting vulnerability exists in the WebKit component. An attacker may be able to leverage this vulnerability, by providing maliciously crafted web content, to execute arbitrary script code in the security context of any site. (CVE-2019-6229)\n\n - A memory corruption vulnerability exists in the AppleKeyStore component. An attacker may be able to leverage this vulnerability to allow a process to circumvent sandbox restrictions. (CVE-2019-6235)\n\n - An out-of-bounds read vulnerability exists in the Core Media component. An attacker may be able to leverage this vulnerability to allow a malicious application to elevate its privileges. (CVE-2019-6221)\n\n - Multiple memory corruption issues exist in the SQLite component. An attacker may be able to leverage these vulnerabilities, by executing a malicious SQL query, to execute arbitrary code on the host. (CVE-2018-20346, CVE-2018-20505, CVE-2018-20506)\n\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 10, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}, "published": "2019-01-30T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.9.3 Multiple Vulnerabilities (credentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20346", "CVE-2018-20505", "CVE-2018-20506", "CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6221", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234", "CVE-2019-6235"], "modified": "2019-10-31T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_9_3.NASL", "href": "https://www.tenable.com/plugins/nessus/121473", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121473);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/10/31 15:18:52\");\n\n script_cve_id(\n \"CVE-2018-20346\",\n \"CVE-2018-20505\",\n \"CVE-2018-20506\",\n \"CVE-2019-6212\",\n \"CVE-2019-6215\",\n \"CVE-2019-6216\",\n \"CVE-2019-6217\",\n \"CVE-2019-6221\",\n \"CVE-2019-6226\",\n \"CVE-2019-6227\",\n \"CVE-2019-6229\",\n \"CVE-2019-6233\",\n \"CVE-2019-6234\",\n \"CVE-2019-6235\"\n );\n script_bugtraq_id(\n 106323,\n 106691,\n 106694,\n 106696,\n 106698,\n 106699,\n 106724\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2019-1-24-1\");\n\n script_name(english:\"Apple iTunes < 12.9.3 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks the version of iTunes on Windows\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on remote host is affected by multiple\nvulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote Windows host is\nprior to 12.9.3. It is, therefore, affected by multiple vulnerabilities\nas referenced in the HT209450 advisory:\n\n - Multiple vulnerabilities exist due to input processing\n flaws in the WebKit component. An attacker may be able\n to leverage one of these vulnerability, by providing\n maliciously crafted web content, to execute arbitrary\n code on the host. (CVE-2019-6212, CVE-2019-6215,\n CVE-2019-6216, CVE-2019-6217, CVE-2019-6226,\n CVE-2019-6227, CVE-2019-6233, CVE-2019-6234)\n\n - A universal cross-site scripting vulnerability exists in\n the WebKit component. An attacker may be able to leverage\n this vulnerability, by providing maliciously crafted web\n content, to execute arbitrary script code in the security\n context of any site. (CVE-2019-6229)\n\n - A memory corruption vulnerability exists in the\n AppleKeyStore component. An attacker may be able to\n leverage this vulnerability to allow a process to\n circumvent sandbox restrictions. (CVE-2019-6235)\n\n - An out-of-bounds read vulnerability exists in the\n Core Media component. An attacker may be able to leverage\n this vulnerability to allow a malicious application to\n elevate its privileges. (CVE-2019-6221)\n\n - Multiple memory corruption issues exist in the SQLite\n component. An attacker may be able to leverage these\n vulnerabilities, by executing a malicious SQL query, to\n execute arbitrary code on the host. (CVE-2018-20346,\n CVE-2018-20505, CVE-2018-20506)\n\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT209450\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.9.3 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-6235\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"installed_sw/iTunes Version\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\ninclude(\"vcf.inc\");\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"iTunes Version\", win_local:TRUE);\nconstraints = [{\"fixed_version\":\"12.9.3\"}];\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, flags:{xss:TRUE});\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:28:15", "description": "This update for webkit2gtk3 to version 2.22.6 fixes the following issues (boo#1124937 boo#1119558) :\n\nSecurity vulnerabilities fixed :\n\n - CVE-2018-4437: Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. (boo#1119553)\n\n - CVE-2018-4438: Processing maliciously crafted web content may lead to arbitrary code execution. A logic issue existed resulting in memory corruption. This was addressed with improved state management. (boo#1119554)\n\n - CVE-2018-4441: Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. (boo#1119555)\n\n - CVE-2018-4442: Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. (boo#1119556)\n\n - CVE-2018-4443: Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. (boo#1119557)\n\n - CVE-2018-4464: Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. (boo#1119558)\n\n - CVE-2019-6212: Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\n\n - CVE-2019-6215: Processing maliciously crafted web content may lead to arbitrary code execution. A type confusion issue was addressed with improved memory handling.\n\n - CVE-2019-6216: Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\n\n - CVE-2019-6217: Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\n\n - CVE-2019-6226: Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\n\n - CVE-2019-6227: Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.\n\n - CVE-2019-6229: Processing maliciously crafted web content may lead to universal cross site scripting. A logic issue was addressed with improved validation.\n\n - CVE-2019-6233: Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.\n\n - CVE-2019-6234: Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.\n\nOther bug fixes and changes :\n\n - Make kinetic scrolling slow down smoothly when reaching the ends of pages, instead of abruptly, to better match the GTK+ behaviour.\n\n - Fix Web inspector magnifier under Wayland.\n\n - Fix garbled rendering of some websites (e.g. YouTube) while scrolling under X11.\n\n - Fix several crashes, race conditions, and rendering issues.\n\nFor a detailed list of changes, please refer to :\n\n- https://webkitgtk.org/security/WSA-2019-0001.html\n\n- https://webkitgtk.org/2019/02/09/webkitgtk2.22.6-released.html\n\n- https://webkitgtk.org/security/WSA-2018-0009.html\n\n- https://webkitgtk.org/2018/12/13/webkitgtk2.22.5-released.html\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-03-11T00:00:00", "type": "nessus", "title": "openSUSE Security Update : webkit2gtk3 (openSUSE-2019-308)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-4437", "CVE-2018-4438", "CVE-2018-4441", "CVE-2018-4442", "CVE-2018-4443", "CVE-2018-4464", "CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang", "p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0", "p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0", "p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0", "p-cpe:/a:novell:opensuse:webkit-jsc-4", "p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource", "p-cpe:/a:novell:opensuse:webkit2gtk3-devel", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk3-plugin-process-gtk2", "p-cpe:/a:novell:opensuse:webkit2gtk3-plugin-process-gtk2-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-308.NASL", "href": "https://www.tenable.com/plugins/nessus/122744", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-308.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122744);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-4437\", \"CVE-2018-4438\", \"CVE-2018-4441\", \"CVE-2018-4442\", \"CVE-2018-4443\", \"CVE-2018-4464\", \"CVE-2019-6212\", \"CVE-2019-6215\", \"CVE-2019-6216\", \"CVE-2019-6217\", \"CVE-2019-6226\", \"CVE-2019-6227\", \"CVE-2019-6229\", \"CVE-2019-6233\", \"CVE-2019-6234\");\n\n script_name(english:\"openSUSE Security Update : webkit2gtk3 (openSUSE-2019-308)\");\n script_summary(english:\"Check for the openSUSE-2019-308 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for webkit2gtk3 to version 2.22.6 fixes the following\nissues (boo#1124937 boo#1119558) :\n\nSecurity vulnerabilities fixed :\n\n - CVE-2018-4437: Processing maliciously crafted web\n content may lead to arbitrary code execution. Multiple\n memory corruption issues were addressed with improved\n memory handling. (boo#1119553)\n\n - CVE-2018-4438: Processing maliciously crafted web\n content may lead to arbitrary code execution. A logic\n issue existed resulting in memory corruption. This was\n addressed with improved state management. (boo#1119554)\n\n - CVE-2018-4441: Processing maliciously crafted web\n content may lead to arbitrary code execution. A memory\n corruption issue was addressed with improved memory\n handling. (boo#1119555)\n\n - CVE-2018-4442: Processing maliciously crafted web\n content may lead to arbitrary code execution. A memory\n corruption issue was addressed with improved memory\n handling. (boo#1119556)\n\n - CVE-2018-4443: Processing maliciously crafted web\n content may lead to arbitrary code execution. A memory\n corruption issue was addressed with improved memory\n handling. (boo#1119557)\n\n - CVE-2018-4464: Processing maliciously crafted web\n content may lead to arbitrary code execution. Multiple\n memory corruption issues were addressed with improved\n memory handling. (boo#1119558)\n\n - CVE-2019-6212: Processing maliciously crafted web\n content may lead to arbitrary code execution. Multiple\n memory corruption issues were addressed with improved\n memory handling.\n\n - CVE-2019-6215: Processing maliciously crafted web\n content may lead to arbitrary code execution. A type\n confusion issue was addressed with improved memory\n handling.\n\n - CVE-2019-6216: Processing maliciously crafted web\n content may lead to arbitrary code execution. Multiple\n memory corruption issues were addressed with improved\n memory handling.\n\n - CVE-2019-6217: Processing maliciously crafted web\n content may lead to arbitrary code execution. Multiple\n memory corruption issues were addressed with improved\n memory handling.\n\n - CVE-2019-6226: Processing maliciously crafted web\n content may lead to arbitrary code execution. Multiple\n memory corruption issues were addressed with improved\n memory handling.\n\n - CVE-2019-6227: Processing maliciously crafted web\n content may lead to arbitrary code execution. A memory\n corruption issue was addressed with improved memory\n handling.\n\n - CVE-2019-6229: Processing maliciously crafted web\n content may lead to universal cross site scripting. A\n logic issue was addressed with improved validation.\n\n - CVE-2019-6233: Processing maliciously crafted web\n content may lead to arbitrary code execution. A memory\n corruption issue was addressed with improved memory\n handling.\n\n - CVE-2019-6234: Processing maliciously crafted web\n content may lead to arbitrary code execution. A memory\n corruption issue was addressed with improved memory\n handling.\n\nOther bug fixes and changes :\n\n - Make kinetic scrolling slow down smoothly when reaching\n the ends of pages, instead of abruptly, to better match\n the GTK+ behaviour.\n\n - Fix Web inspector magnifier under Wayland.\n\n - Fix garbled rendering of some websites (e.g. YouTube)\n while scrolling under X11.\n\n - Fix several crashes, race conditions, and rendering\n issues.\n\nFor a detailed list of changes, please refer to :\n\n- https://webkitgtk.org/security/WSA-2019-0001.html\n\n- https://webkitgtk.org/2019/02/09/webkitgtk2.22.6-released.html\n\n- https://webkitgtk.org/security/WSA-2018-0009.html\n\n- https://webkitgtk.org/2018/12/13/webkitgtk2.22.5-released.html\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119555\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119557\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1124937\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/2018/12/13/webkitgtk2.22.5-released.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/2019/02/09/webkitgtk2.22.6-released.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/security/WSA-2018-0009.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/security/WSA-2019-0001.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected webkit2gtk3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-plugin-process-gtk2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-plugin-process-gtk2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libjavascriptcoregtk-4_0-18-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwebkit2gtk-4_0-37-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libwebkit2gtk3-lang-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"typelib-1_0-WebKit2-4_0-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit-jsc-4-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit-jsc-4-debuginfo-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit2gtk-4_0-injected-bundles-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit2gtk3-debugsource-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit2gtk3-devel-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit2gtk3-minibrowser-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit2gtk3-minibrowser-debuginfo-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit2gtk3-plugin-process-gtk2-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"webkit2gtk3-plugin-process-gtk2-debuginfo-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-2.22.6-lp150.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-debuginfo-2.22.6-lp150.2.12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-32bit / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:28:48", "description": "This update for webkit2gtk3 to version 2.22.6 fixes the following issues (boo#1124937 boo#1119558) :\n\nSecurity vulnerabilities fixed :\n\nCVE-2018-4437: Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. (boo#1119553)\n\nCVE-2018-4438: Processing maliciously crafted web content may lead to arbitrary code execution. A logic issue existed resulting in memory corruption. This was addressed with improved state management.\n(boo#1119554)\n\nCVE-2018-4441: Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. (boo#1119555)\n\nCVE-2018-4442: Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. (boo#1119556)\n\nCVE-2018-4443: Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling. (boo#1119557)\n\nCVE-2018-4464: Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling. (boo#1119558)\n\nCVE-2019-6212: Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6215: Processing maliciously crafted web content may lead to arbitrary code execution. A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6216: Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6217: Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6226: Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6227: Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6229: Processing maliciously crafted web content may lead to universal cross-site scripting. A logic issue was addressed with improved validation.\n\nCVE-2019-6233: Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6234: Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.\n\nOther bug fixes and changes: Make kinetic scrolling slow down smoothly when reaching the ends of pages, instead of abruptly, to better match the GTK+ behaviour.\n\nFix Web inspector magnifier under Wayland.\n\nFix garbled rendering of some websites (e.g. YouTube) while scrolling under X11.\n\nFix several crashes, race conditions, and rendering issues.\n\nFor a detailed list of changes, please refer to:\nhttps://webkitgtk.org/security/WSA-2019-0001.html\n\nhttps://webkitgtk.org/2019/02/09/webkitgtk2.22.6-released.html\n\nhttps://webkitgtk.org/security/WSA-2018-0009.html\n\nhttps://webkitgtk.org/2018/12/13/webkitgtk2.22.5-released.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-02-27T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2019:0497-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-4437", "CVE-2018-4438", "CVE-2018-4441", "CVE-2018-4442", "CVE-2018-4443", "CVE-2018-4464", "CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo", "p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore", "p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2", "p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension", "p-cpe:/a:novell:suse_linux:webkit-jsc", "p-cpe:/a:novell:suse_linux:webkit-jsc-4-debuginfo", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo", "p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-0497-1.NASL", "href": "https://www.tenable.com/plugins/nessus/122474", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0497-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122474);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2018-4437\", \"CVE-2018-4438\", \"CVE-2018-4441\", \"CVE-2018-4442\", \"CVE-2018-4443\", \"CVE-2018-4464\", \"CVE-2019-6212\", \"CVE-2019-6215\", \"CVE-2019-6216\", \"CVE-2019-6217\", \"CVE-2019-6226\", \"CVE-2019-6227\", \"CVE-2019-6229\", \"CVE-2019-6233\", \"CVE-2019-6234\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2019:0497-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for webkit2gtk3 to version 2.22.6 fixes the following\nissues (boo#1124937 boo#1119558) :\n\nSecurity vulnerabilities fixed :\n\nCVE-2018-4437: Processing maliciously crafted web content may lead to\narbitrary code execution. Multiple memory corruption issues were\naddressed with improved memory handling. (boo#1119553)\n\nCVE-2018-4438: Processing maliciously crafted web content may lead to\narbitrary code execution. A logic issue existed resulting in memory\ncorruption. This was addressed with improved state management.\n(boo#1119554)\n\nCVE-2018-4441: Processing maliciously crafted web content may lead to\narbitrary code execution. A memory corruption issue was addressed with\nimproved memory handling. (boo#1119555)\n\nCVE-2018-4442: Processing maliciously crafted web content may lead to\narbitrary code execution. A memory corruption issue was addressed with\nimproved memory handling. (boo#1119556)\n\nCVE-2018-4443: Processing maliciously crafted web content may lead to\narbitrary code execution. A memory corruption issue was addressed with\nimproved memory handling. (boo#1119557)\n\nCVE-2018-4464: Processing maliciously crafted web content may lead to\narbitrary code execution. Multiple memory corruption issues were\naddressed with improved memory handling. (boo#1119558)\n\nCVE-2019-6212: Processing maliciously crafted web content may lead to\narbitrary code execution. Multiple memory corruption issues were\naddressed with improved memory handling.\n\nCVE-2019-6215: Processing maliciously crafted web content may lead to\narbitrary code execution. A type confusion issue was addressed with\nimproved memory handling.\n\nCVE-2019-6216: Processing maliciously crafted web content may lead to\narbitrary code execution. Multiple memory corruption issues were\naddressed with improved memory handling.\n\nCVE-2019-6217: Processing maliciously crafted web content may lead to\narbitrary code execution. Multiple memory corruption issues were\naddressed with improved memory handling.\n\nCVE-2019-6226: Processing maliciously crafted web content may lead to\narbitrary code execution. Multiple memory corruption issues were\naddressed with improved memory handling.\n\nCVE-2019-6227: Processing maliciously crafted web content may lead to\narbitrary code execution. A memory corruption issue was addressed with\nimproved memory handling.\n\nCVE-2019-6229: Processing maliciously crafted web content may lead to\nuniversal cross-site scripting. A logic issue was addressed with\nimproved validation.\n\nCVE-2019-6233: Processing maliciously crafted web content may lead to\narbitrary code execution. A memory corruption issue was addressed with\nimproved memory handling.\n\nCVE-2019-6234: Processing maliciously crafted web content may lead to\narbitrary code execution. A memory corruption issue was addressed with\nimproved memory handling.\n\nOther bug fixes and changes: Make kinetic scrolling slow down smoothly\nwhen reaching the ends of pages, instead of abruptly, to better match\nthe GTK+ behaviour.\n\nFix Web inspector magnifier under Wayland.\n\nFix garbled rendering of some websites (e.g. YouTube) while scrolling\nunder X11.\n\nFix several crashes, race conditions, and rendering issues.\n\nFor a detailed list of changes, please refer to:\nhttps://webkitgtk.org/security/WSA-2019-0001.html\n\nhttps://webkitgtk.org/2019/02/09/webkitgtk2.22.6-released.html\n\nhttps://webkitgtk.org/security/WSA-2018-0009.html\n\nhttps://webkitgtk.org/2018/12/13/webkitgtk2.22.5-released.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119555\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119557\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/2018/12/13/webkitgtk2.22.5-released.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/2019/02/09/webkitgtk2.22.6-released.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/security/WSA-2018-0009.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://webkitgtk.org/security/WSA-2019-0001.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-4437/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-4438/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-4441/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-4442/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-4443/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-4464/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6212/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6215/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6216/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6217/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6226/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6227/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6229/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6233/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6234/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190497-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?268ab889\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-497=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15:zypper in -t\npatch SUSE-SLE-Module-Desktop-Applications-15-2019-497=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-497=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit-jsc-4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libjavascriptcoregtk-4_0-18-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwebkit2gtk-4_0-37-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"typelib-1_0-WebKit2-4_0-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"webkit-jsc-4-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"webkit-jsc-4-debuginfo-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"webkit2gtk-4_0-injected-bundles-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"webkit2gtk3-debugsource-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"webkit2gtk3-devel-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libjavascriptcoregtk-4_0-18-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwebkit2gtk-4_0-37-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"typelib-1_0-WebKit2-4_0-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"webkit-jsc-4-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"webkit-jsc-4-debuginfo-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"webkit2gtk-4_0-injected-bundles-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"webkit2gtk3-debugsource-2.22.6-3.18.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"webkit2gtk3-devel-2.22.6-3.18.2\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkit2gtk3\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:27:14", "description": "The version of Apple iOS running on the mobile device is prior to 12.1.3. It is, therefore, affected by multiple vulnerabilities:\n\n - Multiple unspecified vulnerabilities in WebKit can lead to arbitrary code execution if a user is enticed to visit a malicious web page. (CVE-2019-6227, CVE-2019-6233, CVE-2019-6234)\n\n - A maliciously crafted SQL query could lead to arbitrary code execution. (CVE-2018-20346, CVE-2018-20505, CVE-2018-20506)\n\n - A malicious application could lead to arbitrary code execution with kernel privileges. (CVE-2019-6218)\n\nAdditionally several other vulnerabilities exist, the highest of which could allow an attacker to perform a remote code execution attack by enticing a user to view malicious web content.", "cvss3": {"score": 6.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}, "published": "2019-04-17T00:00:00", "type": "nessus", "title": "Apple iOS < 12.1.3 Multiple Vulnerabilities (APPLE-SA-2019-1-22-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234", "CVE-2018-20346", "CVE-2018-20506", "CVE-2018-20505", "CVE-2019-6213", "CVE-2019-6202", "CVE-2019-6235", "CVE-2019-6208", "CVE-2019-6228", "CVE-2019-6221", "CVE-2019-6200", "CVE-2019-6231", "CVE-2019-6230", "CVE-2019-6224", "CVE-2019-6214", "CVE-2019-6225", "CVE-2019-6210", "CVE-2019-6205", "CVE-2019-6209", "CVE-2019-6206", "CVE-2019-6218", "CVE-2019-6219", "CVE-2019-6211"], "modified": "2019-04-17T00:00:00", "cpe": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "id": "700556.PRM", "href": "https://www.tenable.com/plugins/nnm/700556", "sourceData": "Binary data 700556.prm", "cvss": {"score": 6.8, "vector": "CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-25T17:14:07", "description": "The version of Apple iOS running on the mobile device is prior to 12.1.3. It is, therefore, affected by multiple vulnerabilities:\n\n - Multiple unspecified vulnerabilities in WebKit can lead to arbitrary code execution if a user is enticed to visit a malicious web page.\n (CVE-2019-6227, CVE-2019-6233, CVE-2019-6234)\n\n - A maliciously crafted SQL query could lead to arbitrary code execution.\n (CVE-2018-20346, CVE-2018-20505, CVE-2018-20506)\n\n - A malicious application could lead to arbitrary code execution with kernel privileges.\n (CVE-2019-6218)\n\nAdditionally several other vulnerabilities exist, the highest of which could allow an attacker to perform a remote code execution attack by enticing a user to view malicious web content.", "cvss3": {"score": 10, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}, "published": "2019-01-23T00:00:00", "type": "nessus", "title": "Apple iOS < 12.1.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20346", "CVE-2018-20505", "CVE-2018-20506", "CVE-2019-6200", "CVE-2019-6202", "CVE-2019-6205", "CVE-2019-6206", "CVE-2019-6208", "CVE-2019-6209", "CVE-2019-6210", "CVE-2019-6211", "CVE-2019-6212", "CVE-2019-6213", "CVE-2019-6214", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6218", "CVE-2019-6219", "CVE-2019-6221", "CVE-2019-6224", "CVE-2019-6225", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6228", "CVE-2019-6229", "CVE-2019-6230", "CVE-2019-6231", "CVE-2019-6233", "CVE-2019-6234", "CVE-2019-6235"], "modified": "2022-05-24T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_1213_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/121331", "sourceData": "Binary data apple_ios_1213_check.nbin", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:03:50", "description": "### Background\n\nWebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. \n\n### Description\n\nMultiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details. \n\n### Impact\n\nAn attacker could execute arbitrary code or conduct cross-site scripting. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll WebkitGTK+ users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-libs/webkit-gtk-2.22.6\"", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-03-14T00:00:00", "type": "gentoo", "title": "WebkitGTK+: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234"], "modified": "2019-03-14T00:00:00", "id": "GLSA-201903-12", "href": "https://security.gentoo.org/glsa/201903-12", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-01-31T16:48:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-03-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2019:0309-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6217", "CVE-2019-6233", "CVE-2019-6229", "CVE-2019-6227", "CVE-2019-6226", "CVE-2019-6234", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6212"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852337", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852337", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852337\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2019-6212\", \"CVE-2019-6215\", \"CVE-2019-6216\", \"CVE-2019-6217\",\n \"CVE-2019-6226\", \"CVE-2019-6227\", \"CVE-2019-6229\", \"CVE-2019-6233\",\n \"CVE-2019-6234\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-03-09 04:08:17 +0100 (Sat, 09 Mar 2019)\");\n script_name(\"openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2019:0309-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0309-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-03/msg00015.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'webkit2gtk3'\n package(s) announced via the openSUSE-SU-2019:0309-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for webkit2gtk3 to version 2.22.6 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-6212: Fixed multiple memory corruption vulnerabilities which\n could allow arbitrary code execution during the processing\n of special crafted web-content.\n\n - CVE-2019-6215: Fixed a type confusion vulnerability which could allow\n arbitrary code execution during the processing\n of special crafted web-content.\n\n - CVE-2019-6216: Fixed multiple memory corruption vulnerabilities which\n could allow arbitrary code execution during the processing\n of special crafted web-content.\n\n - CVE-2019-6217: Fixed multiple memory corruption vulnerabilities which\n could allow arbitrary code execution during the processing\n of special crafted web-content.\n\n - CVE-2019-6226: Fixed multiple memory corruption vulnerabilities which\n could allow arbitrary code execution during the processing\n of special crafted web-content.\n\n - CVE-2019-6227: Fixed a memory corruption vulnerability which could allow\n arbitrary code execution during the processing\n of special crafted web-content.\n\n - CVE-2019-6229: Fixed a logic issue by improving validation which could\n allow arbitrary code execution during the processing\n of special crafted web-content.\n\n - CVE-2019-6233: Fixed a memory corruption vulnerability which could allow\n arbitrary code execution during the processing\n of special crafted web-content.\n\n - CVE-2019-6234: Fixed a memory corruption vulnerability which could allow\n arbitrary code execution during the processing\n of special crafted web-content.\n\n Other issues addressed:\n\n - Update to version 2.22.6 (bsc#1124937).\n\n - Kinetic scrolling slow down smoothly when reaching the ends of pages,\n instead of abruptly, to better match the GTK+ behaviour.\n\n - Fixed Web inspector magnifier under Wayland.\n\n - Fixed garbled rendering of some websites (e.g. YouTube) while scrolling\n under X11.\n\n - Fixed several crashes, race conditions, and rendering issues.\n\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-309=1\");\n\n script_tag(name:\"affected\", value:\"webkit2gtk3 on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18\", rpm:\"libjavascriptcoregtk-4_0-18~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18-debuginfo\", rpm:\"libjavascriptcoregtk-4_0-18-debuginfo~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37\", rpm:\"libwebkit2gtk-4_0-37~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37-debuginfo\", rpm:\"libwebkit2gtk-4_0-37-debuginfo~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"typelib-1_0-JavaScriptCore-4_0\", rpm:\"typelib-1_0-JavaScriptCore-4_0~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"typelib-1_0-WebKit2-4_0\", rpm:\"typelib-1_0-WebKit2-4_0~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"typelib-1_0-WebKit2WebExtension-4_0\", rpm:\"typelib-1_0-WebKit2WebExtension-4_0~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit-jsc-4\", rpm:\"webkit-jsc-4~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit-jsc-4-debuginfo\", rpm:\"webkit-jsc-4-debuginfo~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk-4_0-injected-bundles\", rpm:\"webkit2gtk-4_0-injected-bundles~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk-4_0-injected-bundles-debuginfo\", rpm:\"webkit2gtk-4_0-injected-bundles-debuginfo~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-debugsource\", rpm:\"webkit2gtk3-debugsource~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-devel\", rpm:\"webkit2gtk3-devel~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-minibrowser\", rpm:\"webkit2gtk3-minibrowser~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-minibrowser-debuginfo\", rpm:\"webkit2gtk3-minibrowser-debuginfo~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-plugin-process-gtk2\", rpm:\"webkit2gtk3-plugin-process-gtk2~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-plugin-process-gtk2-debuginfo\", rpm:\"webkit2gtk3-plugin-process-gtk2-debuginfo~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18-32bit\", rpm:\"libjavascriptcoregtk-4_0-18-32bit~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18-debuginfo-32bit\", rpm:\"libjavascriptcoregtk-4_0-18-debuginfo-32bit~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37-32bit\", rpm:\"libwebkit2gtk-4_0-37-32bit~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37-debuginfo-32bit\", rpm:\"libwebkit2gtk-4_0-37-debuginfo-32bit~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk3-lang\", rpm:\"libwebkit2gtk3-lang~2.22.6~21.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:05", "description": "This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-01-23T00:00:00", "type": "openvas", "title": "Apple Safari Security Updates( HT209449 )", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6217", "CVE-2019-6233", "CVE-2019-6229", "CVE-2019-6227", "CVE-2019-6228", "CVE-2019-6226", "CVE-2019-6234", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6212"], "modified": "2019-05-22T00:00:00", "id": "OPENVAS:1361412562310814820", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814820", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple Safari Security Updates(HT209449)\n#\n# Authors:\n# Vidita V Koushik <vidita@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:safari\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814820\");\n script_version(\"2019-05-22T13:05:41+0000\");\n script_cve_id(\"CVE-2019-6228\", \"CVE-2019-6215\", \"CVE-2019-6212\", \"CVE-2019-6216\",\n \"CVE-2019-6217\", \"CVE-2019-6226\", \"CVE-2019-6227\", \"CVE-2019-6233\",\n \"CVE-2019-6234\", \"CVE-2019-6229\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-22 13:05:41 +0000 (Wed, 22 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-01-23 12:46:20 +0530 (Wed, 23 Jan 2019)\");\n script_name(\"Apple Safari Security Updates( HT209449 )\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Safari\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - A cross-site scripting issue.\n\n - A type confusion issue, multiple memory corruption issues exists in\n memory handling.\n\n - A logic issue exists in input validation.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code and conduct cross site scripting by\n processing maliciously crafted web content.\");\n\n script_tag(name:\"affected\", value:\"Apple Safari versions before 12.0.3\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Safari 12.0.3 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT209449\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"macosx_safari_detect.nasl\");\n script_mandatory_keys(\"AppleSafari/MacOSX/Version\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nsafVer = infos['version'];\nsafPath = infos['location'];\n\nif(version_is_less(version:safVer, test_version:\"12.0.3\"))\n{\n report = report_fixed_ver(installed_version:safVer, fixed_version:\"12.0.3\", install_path:safPath);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-24T17:04:23", "description": "This host is installed with Apple iCloud\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-01-23T00:00:00", "type": "openvas", "title": "Apple iCloud Security Updates (HT209451) - Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20346", "CVE-2019-6217", "CVE-2018-20505", "CVE-2019-6233", "CVE-2019-6229", "CVE-2019-6227", "CVE-2019-6226", "CVE-2018-20506", "CVE-2019-6234", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6212"], "modified": "2020-03-23T00:00:00", "id": "OPENVAS:1361412562310814821", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814821", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple iCloud Security Updates (HT209451) - Windows\n#\n# Authors:\n# Vidita V Koushik <vidita@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:icloud\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814821\");\n script_version(\"2020-03-23T08:27:10+0000\");\n script_cve_id(\"CVE-2018-20346\", \"CVE-2018-20505\", \"CVE-2018-20506\", \"CVE-2019-6215\",\n \"CVE-2019-6212\", \"CVE-2019-6216\", \"CVE-2019-6217\", \"CVE-2019-6226\",\n \"CVE-2019-6227\", \"CVE-2019-6233\", \"CVE-2019-6234\", \"CVE-2019-6229\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-03-23 08:27:10 +0000 (Mon, 23 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-23 13:00:19 +0530 (Wed, 23 Jan 2019)\");\n script_name(\"Apple iCloud Security Updates (HT209451) - Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iCloud\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple memory corruption issues exists in input validation and memory\n handling.\n\n - A type confusion issue and\n\n - A logic issue exists.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to execute arbitrary code and conduct cross site scripting by\n processing maliciously crafted web content.\");\n\n script_tag(name:\"affected\", value:\"Apple iCloud versions before 7.10 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Update to Apple iCloud 7.10 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT209451\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_apple_icloud_detect_win.nasl\");\n script_mandatory_keys(\"apple/icloud/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\n# 7.10 => 7.10.0.9\nif(version_is_less(version:vers, test_version:\"7.10.0.9\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version:\"7.10\", install_path:path);\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:05", "description": "This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-01-25T00:00:00", "type": "openvas", "title": "Apple iTunes Security Updates (HT209450)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20346", "CVE-2019-6217", "CVE-2018-20505", "CVE-2019-6221", "CVE-2019-6233", "CVE-2019-6229", "CVE-2019-6227", "CVE-2019-6226", "CVE-2018-20506", "CVE-2019-6235", "CVE-2019-6234", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6212"], "modified": "2019-05-22T00:00:00", "id": "OPENVAS:1361412562310814822", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814822", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple iTunes Security Updates (HT209450)\n#\n# Authors:\n# Vidita V Koushik <vidita@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:itunes\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814822\");\n script_version(\"2019-05-22T13:05:41+0000\");\n script_cve_id(\"CVE-2018-20346\", \"CVE-2018-20505\", \"CVE-2019-6212\", \"CVE-2019-6215\",\n \"CVE-2019-6216\", \"CVE-2019-6221\", \"CVE-2019-6227\", \"CVE-2019-6229\",\n \"CVE-2019-6233\", \"CVE-2018-20506\", \"CVE-2019-6217\", \"CVE-2019-6234\",\n \"CVE-2019-6235\", \"CVE-2019-6226\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-22 13:05:41 +0000 (Wed, 22 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-01-25 14:09:57 +0530 (Fri, 25 Jan 2019)\");\n script_name(\"Apple iTunes Security Updates (HT209450)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to,\n\n - Multiple memory corruption issues.\n\n - An out-of-bounds read error.\n\n - A type confusion issue.\n\n - A logic issue.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows attackers to elevate\n privileges, conduct universal cross site scripting and execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"Apple iTunes versions before 12.9.3\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iTunes 12.9.3 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT209450\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_itunes_detection_win_900123.nasl\");\n script_mandatory_keys(\"iTunes/Win/Ver\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nappVer = infos['version'];\nappPath = infos['location'];\n\nif(version_is_less(version:appVer, test_version:\"12.9.3\"))\n{\n report = report_fixed_ver(installed_version:appVer, fixed_version:\"12.9.3\", install_path: appPath);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:48:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-03-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2019:0308-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-4437", "CVE-2018-4442", "CVE-2019-6217", "CVE-2018-4443", "CVE-2019-6233", "CVE-2018-4438", "CVE-2019-6229", "CVE-2018-4464", "CVE-2019-6227", "CVE-2019-6226", "CVE-2018-4441", "CVE-2019-6234", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6212"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852338", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852338", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852338\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-4437\", \"CVE-2018-4438\", \"CVE-2018-4441\", \"CVE-2018-4442\",\n \"CVE-2018-4443\", \"CVE-2018-4464\", \"CVE-2019-6212\", \"CVE-2019-6215\",\n \"CVE-2019-6216\", \"CVE-2019-6217\", \"CVE-2019-6226\", \"CVE-2019-6227\",\n \"CVE-2019-6229\", \"CVE-2019-6233\", \"CVE-2019-6234\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-03-09 04:08:40 +0100 (Sat, 09 Mar 2019)\");\n script_name(\"openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2019:0308-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0308-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-03/msg00014.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'webkit2gtk3'\n package(s) announced via the openSUSE-SU-2019:0308-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for webkit2gtk3 to version 2.22.6 fixes the following issues\n (boo#1124937 boo#1119558):\n\n Security vulnerabilities fixed:\n\n - CVE-2018-4437: Processing maliciously crafted web content may lead to\n arbitrary code execution. Multiple memory corruption issues were\n addressed with improved memory handling. (boo#1119553)\n\n - CVE-2018-4438: Processing maliciously crafted web content may lead to\n arbitrary code execution. A logic issue existed resulting in memory\n corruption. This was addressed with improved state management.\n (boo#1119554)\n\n - CVE-2018-4441: Processing maliciously crafted web content may lead to\n arbitrary code execution. A memory corruption issue was addressed with\n improved memory handling. (boo#1119555)\n\n - CVE-2018-4442: Processing maliciously crafted web content may lead to\n arbitrary code execution. A memory corruption issue was addressed with\n improved memory handling. (boo#1119556)\n\n - CVE-2018-4443: Processing maliciously crafted web content may lead to\n arbitrary code execution. A memory corruption issue was addressed with\n improved memory handling. (boo#1119557)\n\n - CVE-2018-4464: Processing maliciously crafted web content may lead to\n arbitrary code execution. Multiple memory corruption issues were\n addressed with improved memory handling. (boo#1119558)\n\n - CVE-2019-6212: Processing maliciously crafted web content may lead to\n arbitrary code execution. Multiple memory corruption issues were\n addressed with improved memory handling.\n\n - CVE-2019-6215: Processing maliciously crafted web content may lead to\n arbitrary code execution. A type confusion issue was addressed with\n improved memory handling.\n\n - CVE-2019-6216: Processing maliciously crafted web content may lead to\n arbitrary code execution. Multiple memory corruption issues were\n addressed with improved memory handling.\n\n - CVE-2019-6217: Processing maliciously crafted web content may lead to\n arbitrary code execution. Multiple memory corruption issues were\n addressed with improved memory handling.\n\n - CVE-2019-6226: Processing maliciously crafted web content may lead to\n arbitrary code execution. Multiple memory corruption issues were\n addressed with improved memory handling.\n\n - CVE-2019-6227: Processing maliciously crafted web content may lead to\n arbitrary code execution. A memory corruption issue was addressed with\n improved memory handling.\n\n - CVE-2019-6229: Processing maliciously crafted web content may lead to\n universal cross site scripting. A logic issue was addressed with\n improved validation.\n\n - CVE-2019-6233: Processing maliciously crafted web ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"webkit2gtk3 on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18\", rpm:\"libjavascriptcoregtk-4_0-18~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18-debuginfo\", rpm:\"libjavascriptcoregtk-4_0-18-debuginfo~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37\", rpm:\"libwebkit2gtk-4_0-37~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37-debuginfo\", rpm:\"libwebkit2gtk-4_0-37-debuginfo~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"typelib-1_0-JavaScriptCore-4_0\", rpm:\"typelib-1_0-JavaScriptCore-4_0~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"typelib-1_0-WebKit2-4_0\", rpm:\"typelib-1_0-WebKit2-4_0~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"typelib-1_0-WebKit2WebExtension-4_0\", rpm:\"typelib-1_0-WebKit2WebExtension-4_0~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit-jsc-4\", rpm:\"webkit-jsc-4~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit-jsc-4-debuginfo\", rpm:\"webkit-jsc-4-debuginfo~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk-4_0-injected-bundles\", rpm:\"webkit2gtk-4_0-injected-bundles~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk-4_0-injected-bundles-debuginfo\", rpm:\"webkit2gtk-4_0-injected-bundles-debuginfo~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-debugsource\", rpm:\"webkit2gtk3-debugsource~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-devel\", rpm:\"webkit2gtk3-devel~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-minibrowser\", rpm:\"webkit2gtk3-minibrowser~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-minibrowser-debuginfo\", rpm:\"webkit2gtk3-minibrowser-debuginfo~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-plugin-process-gtk2\", rpm:\"webkit2gtk3-plugin-process-gtk2~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"webkit2gtk3-plugin-process-gtk2-debuginfo\", rpm:\"webkit2gtk3-plugin-process-gtk2-debuginfo~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18-32bit\", rpm:\"libjavascriptcoregtk-4_0-18-32bit~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo\", rpm:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37-32bit\", rpm:\"libwebkit2gtk-4_0-37-32bit~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk-4_0-37-32bit-debuginfo\", rpm:\"libwebkit2gtk-4_0-37-32bit-debuginfo~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libwebkit2gtk3-lang\", rpm:\"libwebkit2gtk3-lang~2.22.6~lp150.2.12.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:31", "description": "\n\nThe Webkitgtk project reports:\n\nCVE-2019-6212 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\nCVE-2019-6215 - Processing maliciously crafted web content may lead to arbitrary code execution. A type confusion issue was addressed with improved memory handling.\nCVE-2019-6216 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\nCVE-2019-6217 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\nCVE-2019-6226 - Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory handling.\nCVE-2019-6227 - Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.\nCVE-2019-6229 - Processing maliciously crafted web content may lead to universal cross site scripting. A logic issue was addressed with improved validation.\nCVE-2019-6233 - Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.\nCVE-2019-6234 - Processing maliciously crafted web content may lead to arbitrary code execution. A memory corruption issue was addressed with improved memory handling.\n\n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-08T00:00:00", "type": "freebsd", "title": "webkit-gtk -- Multiple vulnabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234"], "modified": "2019-02-08T00:00:00", "id": "E3AACD6D-3D01-434C-9330-BC9EFD40350F", "href": "https://vuxml.freebsd.org/freebsd/e3aacd6d-3d01-434c-9330-bc9efd40350f.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2022-04-18T12:42:09", "description": "An update that fixes 9 vulnerabilities is now available.\n\nDescription:\n\n This update for webkit2gtk3 to version 2.22.6 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-6212: Fixed multiple memory corruption vulnerabilities which\n could allow arbitrary code execution during the processing\n of special crafted web-content.\n - CVE-2019-6215: Fixed a type confusion vulnerability which could allow\n arbitrary code execution during the processing\n of special crafted web-content.\n - CVE-2019-6216: Fixed multiple memory corruption vulnerabilities which\n could allow arbitrary code execution during the processing\n of special crafted web-content.\n - CVE-2019-6217: Fixed multiple memory corruption vulnerabilities which\n could allow arbitrary code execution during the processing\n of special crafted web-content.\n - CVE-2019-6226: Fixed multiple memory corruption vulnerabilities which\n could allow arbitrary code execution during the processing\n of special crafted web-content.\n - CVE-2019-6227: Fixed a memory corruption vulnerability which could allow\n arbitrary code execution during the processing\n of special crafted web-content.\n - CVE-2019-6229: Fixed a logic issue by improving validation which could\n allow arbitrary code execution during the processing\n of special crafted web-content.\n - CVE-2019-6233: Fixed a memory corruption vulnerability which could allow\n arbitrary code execution during the processing\n of special crafted web-content.\n - CVE-2019-6234: Fixed a memory corruption vulnerability which could allow\n arbitrary code execution during the processing\n of special crafted web-content.\n\n Other issues addressed:\n - Update to version 2.22.6 (bsc#1124937).\n - Kinetic scrolling slow down smoothly when reaching the ends of pages,\n instead of abruptly, to better match the GTK+ behaviour.\n - Fixed Web inspector magnifier under Wayland.\n - Fixed garbled rendering of some websites (e.g. YouTube) while scrolling\n under X11.\n - Fixed several crashes, race conditions, and rendering issues.\n\n\n This update was imported from the SUSE:SLE-12-SP2:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-309=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-03-08T00:00:00", "type": "suse", "title": "Security update for webkit2gtk3 (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234"], "modified": "2019-03-08T00:00:00", "id": "OPENSUSE-SU-2019:0309-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DHEIV3HS3R3DOXTOFAWTRV766GUZXBD6/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-18T12:42:09", "description": "An update that fixes 15 vulnerabilities is now available.\n\nDescription:\n\n This update for webkit2gtk3 to version 2.22.6 fixes the following issues\n (boo#1124937 boo#1119558):\n\n Security vulnerabilities fixed:\n\n - CVE-2018-4437: Processing maliciously crafted web content may lead to\n arbitrary code execution. Multiple memory corruption issues were\n addressed with improved memory handling. (boo#1119553)\n - CVE-2018-4438: Processing maliciously crafted web content may lead to\n arbitrary code execution. A logic issue existed resulting in memory\n corruption. This was addressed with improved state management.\n (boo#1119554)\n - CVE-2018-4441: Processing maliciously crafted web content may lead to\n arbitrary code execution. A memory corruption issue was addressed with\n improved memory handling. (boo#1119555)\n - CVE-2018-4442: Processing maliciously crafted web content may lead to\n arbitrary code execution. A memory corruption issue was addressed with\n improved memory handling. (boo#1119556)\n - CVE-2018-4443: Processing maliciously crafted web content may lead to\n arbitrary code execution. A memory corruption issue was addressed with\n improved memory handling. (boo#1119557)\n - CVE-2018-4464: Processing maliciously crafted web content may lead to\n arbitrary code execution. Multiple memory corruption issues were\n addressed with improved memory handling. (boo#1119558)\n - CVE-2019-6212: Processing maliciously crafted web content may lead to\n arbitrary code execution. Multiple memory corruption issues were\n addressed with improved memory handling.\n - CVE-2019-6215: Processing maliciously crafted web content may lead to\n arbitrary code execution. A type confusion issue was addressed with\n improved memory handling.\n - CVE-2019-6216: Processing maliciously crafted web content may lead to\n arbitrary code execution. Multiple memory corruption issues were\n addressed with improved memory handling.\n - CVE-2019-6217: Processing maliciously crafted web content may lead to\n arbitrary code execution. Multiple memory corruption issues were\n addressed with improved memory handling.\n - CVE-2019-6226: Processing maliciously crafted web content may lead to\n arbitrary code execution. Multiple memory corruption issues were\n addressed with improved memory handling.\n - CVE-2019-6227: Processing maliciously crafted web content may lead to\n arbitrary code execution. A memory corruption issue was addressed with\n improved memory handling.\n - CVE-2019-6229: Processing maliciously crafted web content may lead to\n universal cross site scripting. A logic issue was addressed with\n improved validation.\n - CVE-2019-6233: Processing maliciously crafted web content may lead to\n arbitrary code execution. A memory corruption issue was addressed with\n improved memory handling.\n - CVE-2019-6234: Processing maliciously crafted web content may lead to\n arbitrary code execution. A memory corruption issue was addressed with\n improved memory handling.\n\n Other bug fixes and changes:\n\n - Make kinetic scrolling slow down smoothly when reaching the ends of\n pages, instead of abruptly, to better match the GTK+ behaviour.\n - Fix Web inspector magnifier under Wayland.\n - Fix garbled rendering of some websites (e.g. YouTube) while scrolling\n under X11.\n - Fix several crashes, race conditions, and rendering issues.\n\n For a detailed list of changes, please refer to:\n\n - https://webkitgtk.org/security/WSA-2019-0001.html\n - https://webkitgtk.org/2019/02/09/webkitgtk2.22.6-released.html\n - https://webkitgtk.org/security/WSA-2018-0009.html\n - https://webkitgtk.org/2018/12/13/webkitgtk2.22.5-released.html\n\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-308=1", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2019-03-08T00:00:00", "type": "suse", "title": "Security update for webkit2gtk3 (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-4437", "CVE-2018-4438", "CVE-2018-4441", "CVE-2018-4442", "CVE-2018-4443", "CVE-2018-4464", "CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234"], "modified": "2019-03-08T00:00:00", "id": "OPENSUSE-SU-2019:0308-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VOC7EROFYXM7H5YCNM5NI27KEAEP5HCQ/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "apple": [{"lastseen": "2020-12-24T20:42:37", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## Safari 12.0.3\n\nReleased January 22, 2019\n\n**Safari Reader**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3\n\nImpact: Processing maliciously crafted web content may lead to a cross site scripting attack\n\nDescription: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.\n\nCVE-2019-6228: Ryan Pickren (ryanpickren.com)\n\n**WebKit**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6215: Lokihardt of Google Project Zero\n\n**WebKit**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6212: Mike Zhang from The Pangu team, Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-6216: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6217: Fluoroacetate working with Trend Micro's Zero Day Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan Team\n\nCVE-2019-6226: Apple\n\nEntry updated February 15, 2019\n\n**WebKit**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6227: Qixun Zhao of Qihoo 360 Vulcan Team\n\nCVE-2019-6233: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6234: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-6229: Ryan Pickren (ryanpickren.com)\n\n**WebKit**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8570: James Lee (@Windowsrcer) of S2SWWW.com\n\nEntry added April 3, 2019, updated September 11, 2019\n\n\n\n## Additional recognition\n\n**Safari Reader**\n\nWe would like to acknowledge Ryan Pickren (ryanpickren.com) for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-09-11T09:22:04", "title": "About the security content of Safari 12.0.3 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6217", "CVE-2019-6233", "CVE-2019-6229", "CVE-2019-6227", "CVE-2019-8570", "CVE-2019-6228", "CVE-2019-6226", "CVE-2019-6234", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6212"], "modified": "2019-09-11T09:22:04", "id": "APPLE:HT209449", "href": "https://support.apple.com/kb/HT209449", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-10T17:00:12", "description": "# About the security content of Safari 12.0.3\n\nThis document describes the security content of Safari 12.0.3.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## Safari 12.0.3\n\nReleased January 22, 2019\n\n**Safari Reader**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3\n\nImpact: Processing maliciously crafted web content may lead to a cross site scripting attack\n\nDescription: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.\n\nCVE-2019-6228: Ryan Pickren (ryanpickren.com)\n\n**WebKit**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6215: Lokihardt of Google Project Zero\n\n**WebKit**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6212: Mike Zhang from The Pangu team, Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-6216: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6217: Fluoroacetate working with Trend Micro's Zero Day Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan Team\n\nCVE-2019-6226: Apple\n\nEntry updated February 15, 2019\n\n**WebKit**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6227: Qixun Zhao of Qihoo 360 Vulcan Team\n\nCVE-2019-6233: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6234: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-6229: Ryan Pickren (ryanpickren.com)\n\n**WebKit**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, and macOS Mojave 10.14.3\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8570: James Lee (@Windowsrcer) of S2SWWW.com\n\nEntry added April 3, 2019, updated September 11, 2019\n\n\n\n## Additional recognition\n\n**Safari Reader**\n\nWe would like to acknowledge Ryan Pickren (ryanpickren.com) for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: September 11, 2019\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-01-22T00:00:00", "type": "apple", "title": "About the security content of Safari 12.0.3", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6228", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234", "CVE-2019-8570"], "modified": "2019-01-22T00:00:00", "id": "APPLE:B93E9072DD7B0B072DE4948F392F64AE", "href": "https://support.apple.com/kb/HT209449", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:41:53", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iCloud for Windows 7.10\n\nReleased January 22, 2019\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-20346: Tencent Blade Team\n\nCVE-2018-20505: Tencent Blade Team\n\nCVE-2018-20506: Tencent Blade Team\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6215: Lokihardt of Google Project Zero\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6212: an anonymous researcher, an anonymous researcher\n\nCVE-2019-6216: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6217: Fluoroacetate working with Trend Micro's Zero Day Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan Team\n\nCVE-2019-6226: Apple\n\nEntry updated February 15, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6227: Qixun Zhao of Qihoo 360 Vulcan Team\n\nCVE-2019-6233: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6234: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-6229: Ryan Pickren (ryanpickren.com)\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8570: James Lee (@Windowsrcer) of S2SWWW.com\n\nEntry added April 3, 2019, updated September 11, 2019\n\n\n\n## Additional recognition\n\n**WebKit**\n\nWe would like to acknowledge James Lee (@Windowsrcer) of Kryptos Logic for their assistance.\n\nEntry updated February 15, 2019\n", "edition": 3, "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-09-11T09:12:20", "title": "About the security content of iCloud for Windows 7.10 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20346", "CVE-2019-6217", "CVE-2018-20505", "CVE-2019-6233", "CVE-2019-6229", "CVE-2019-6227", "CVE-2019-8570", "CVE-2019-6226", "CVE-2018-20506", "CVE-2019-6234", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6212"], "modified": "2019-09-11T09:12:20", "id": "APPLE:HT209451", "href": "https://support.apple.com/kb/HT209451", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-10T17:00:12", "description": "# About the security content of iCloud for Windows 7.10\n\nThis document describes the security content of iCloud for Windows 7.10.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iCloud for Windows 7.10\n\nReleased January 22, 2019\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-20346: Tencent Blade Team\n\nCVE-2018-20505: Tencent Blade Team\n\nCVE-2018-20506: Tencent Blade Team\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6215: Lokihardt of Google Project Zero\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6212: an anonymous researcher, an anonymous researcher\n\nCVE-2019-6216: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6217: Fluoroacetate working with Trend Micro's Zero Day Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan Team\n\nCVE-2019-6226: Apple\n\nEntry updated February 15, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6227: Qixun Zhao of Qihoo 360 Vulcan Team\n\nCVE-2019-6233: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6234: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-6229: Ryan Pickren (ryanpickren.com)\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8570: James Lee (@Windowsrcer) of S2SWWW.com\n\nEntry added April 3, 2019, updated September 11, 2019\n\n\n\n## Additional recognition\n\n**WebKit**\n\nWe would like to acknowledge James Lee (@Windowsrcer) of Kryptos Logic for their assistance.\n\nEntry updated February 15, 2019\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: September 11, 2019\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-01-22T00:00:00", "type": "apple", "title": "About the security content of iCloud for Windows 7.10", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20346", "CVE-2018-20505", "CVE-2018-20506", "CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234", "CVE-2019-8570"], "modified": "2019-01-22T00:00:00", "id": "APPLE:F7C054E723805E34E0E58C0D3E614976", "href": "https://support.apple.com/kb/HT209451", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:43:23", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iTunes 12.9.3 for Windows\n\nReleased January 24, 2019\n\n**AppleKeyStore**\n\nAvailable for: Windows 7 and later\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-6235: Brandon Azad\n\n**Core Media**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-6221: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-20346: Tencent Blade Team\n\nCVE-2018-20505: Tencent Blade Team\n\nCVE-2018-20506: Tencent Blade Team\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6215: Lokihardt of Google Project Zero\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6212: Mike Zhang from The Pangu team, Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-6216: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6217: Fluoroacetate working with Trend Micro's Zero Day Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan Team\n\nCVE-2019-6226: Apple\n\nEntry updated February 15, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6227: Qixun Zhao of Qihoo 360 Vulcan Team\n\nCVE-2019-6233: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6234: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-6229: Ryan Pickren (ryanpickren.com)\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8570: James Lee (@Windowsrcer) of S2SWWW.com\n\nEntry added April 3, 2019, updated September 11, 2019\n\n\n\n## Additional recognition\n\n**WebKit**\n\nWe would like to acknowledge James Lee (@Windowsrcer) of Kryptos Logic for their assistance.\n\nEntry updated February 15, 2019\n", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-09-11T09:24:48", "title": "About the security content of iTunes 12.9.3 for Windows - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20346", "CVE-2019-6217", "CVE-2018-20505", "CVE-2019-6221", "CVE-2019-6233", "CVE-2019-6229", "CVE-2019-6227", "CVE-2019-8570", "CVE-2019-6226", "CVE-2018-20506", "CVE-2019-6235", "CVE-2019-6234", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6212"], "modified": "2019-09-11T09:24:48", "id": "APPLE:HT209450", "href": "https://support.apple.com/kb/HT209450", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-10T17:00:15", "description": "# About the security content of iTunes 12.9.3 for Windows\n\nThis document describes the security content of iTunes 12.9.3 for Windows.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iTunes 12.9.3 for Windows\n\nReleased January 24, 2019\n\n**AppleKeyStore**\n\nAvailable for: Windows 7 and later\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-6235: Brandon Azad\n\n**Core Media**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-6221: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\n**SQLite**\n\nAvailable for: Windows 7 and later\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-20346: Tencent Blade Team\n\nCVE-2018-20505: Tencent Blade Team\n\nCVE-2018-20506: Tencent Blade Team\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6215: Lokihardt of Google Project Zero\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6212: Mike Zhang from The Pangu team, Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-6216: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6217: Fluoroacetate working with Trend Micro's Zero Day Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan Team\n\nCVE-2019-6226: Apple\n\nEntry updated February 15, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6227: Qixun Zhao of Qihoo 360 Vulcan Team\n\nCVE-2019-6233: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6234: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-6229: Ryan Pickren (ryanpickren.com)\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8570: James Lee (@Windowsrcer) of S2SWWW.com\n\nEntry added April 3, 2019, updated September 11, 2019\n\n\n\n## Additional recognition\n\n**WebKit**\n\nWe would like to acknowledge James Lee (@Windowsrcer) of Kryptos Logic for their assistance.\n\nEntry updated February 15, 2019\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: September 11, 2019\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-01-24T00:00:00", "type": "apple", "title": "About the security content of iTunes 12.9.3 for Windows", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20346", "CVE-2018-20505", "CVE-2018-20506", "CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6221", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234", "CVE-2019-6235", "CVE-2019-8570"], "modified": "2019-01-24T00:00:00", "id": "APPLE:A49C40F4327A861EBE2E91DA2786C348", "href": "https://support.apple.com/kb/HT209450", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T19:30:35", "description": "# About the security content of watchOS 5.1.3\n\nThis document describes the security content of watchOS 5.1.3.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## watchOS 5.1.3\n\nReleased January 22, 2019\n\n**AppleKeyStore**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-6235: Brandon Azad\n\n**Core Media**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-6202: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\n**CoreAnimation**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-6231: Zhuo Liang of Qihoo 360 Nirvan Team\n\n**CoreAnimation**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2019-6230: Proteas, Shrek_wzw and Zhuo Liang of Qihoo 360 Nirvan Team\n\n**FaceTime**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2019-6224: natashenka of Google Project Zero\n\n**IOKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6214: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-6210: Ned Williamson of Google\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-6213: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2019-6209: Brandon Azad of Google Project Zero\n\n**Natural Language Processing**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved validation.\n\nCVE-2019-6219: Authier Thomas\n\n**SQLite**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-20346: Tencent Blade Team\n\nCVE-2018-20505: Tencent Blade Team\n\nCVE-2018-20506: Tencent Blade Team\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6227: Qixun Zhao of Qihoo 360 Vulcan Team\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6216: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6217: Fluoroacetate working with Trend Micro's Zero Day Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan Team\n\nCVE-2019-6226: Apple\n\n\n\n## Additional recognition\n\n**mDNSResponder**\n\nWe would like to acknowledge Fatemah Alharbi of University of California, Riverside (UCR) and Taibah University (TU), Jie Chang of LinkSure Network, Yuchen Zhou of Northeastern University, Feng Qian of University of Minnesota \u2013 Twin City, Zhiyun Qian of University of California, Riverside (UCR), and Nael Abu-Ghazaleh of University of California, Riverside (UCR) for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: March 05, 2021\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-01-22T00:00:00", "type": "apple", "title": "About the security content of watchOS 5.1.3", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20346", "CVE-2018-20505", "CVE-2018-20506", "CVE-2019-6202", "CVE-2019-6209", "CVE-2019-6210", "CVE-2019-6213", "CVE-2019-6214", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6219", "CVE-2019-6224", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6230", "CVE-2019-6231", "CVE-2019-6235"], "modified": "2019-01-22T00:00:00", "id": "APPLE:5DC0F458B41AAC5AEDC2DDFE4C176AA7", "href": "https://support.apple.com/kb/HT209448", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:44:10", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## watchOS 5.1.3\n\nReleased January 22, 2019\n\n**AppleKeyStore**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-6235: Brandon Azad\n\n**Core Media**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-6202: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\n**CoreAnimation**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-6231: Zhuo Liang of Qihoo 360 Nirvan Team\n\n**CoreAnimation**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2019-6230: Proteas, Shrek_wzw and Zhuo Liang of Qihoo 360 Nirvan Team\n\n**FaceTime**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2019-6224: Natalie Silvanovich of Google Project Zero\n\n**IOKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6214: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-6210: Ned Williamson of Google\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-6213: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2019-6209: Brandon Azad of Google Project Zero\n\n**Natural Language Processing**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved validation.\n\nCVE-2019-6219: Authier Thomas\n\n**SQLite**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-20346: Tencent Blade Team\n\nCVE-2018-20505: Tencent Blade Team\n\nCVE-2018-20506: Tencent Blade Team\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6227: Qixun Zhao of Qihoo 360 Vulcan Team\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6216: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6217: Fluoroacetate working with Trend Micro's Zero Day Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan Team\n\nCVE-2019-6226: Apple\n\n\n\n## Additional recognition\n\n**mDNSResponder**\n\nWe would like to acknowledge Fatemah Alharbi of University of California, Riverside (UCR) and Taibah University (TU), Jie Chang of LinkSure Network, Yuchen Zhou of Northeastern University, Feng Qian of University of Minnesota \u2013 Twin City, Zhiyun Qian of University of California, Riverside (UCR), and Nael Abu-Ghazaleh of University of California, Riverside (UCR) for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-01-28T12:28:50", "title": "About the security content of watchOS 5.1.3 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20346", "CVE-2019-6217", "CVE-2018-20505", "CVE-2019-6213", "CVE-2019-6210", "CVE-2019-6209", "CVE-2019-6230", "CVE-2019-6231", "CVE-2019-6202", "CVE-2019-6219", "CVE-2019-6227", "CVE-2019-6226", "CVE-2018-20506", "CVE-2019-6235", "CVE-2019-6224", "CVE-2019-6216", "CVE-2019-6214"], "modified": "2019-01-28T12:28:50", "id": "APPLE:HT209448", "href": "https://support.apple.com/kb/HT209448", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:44:05", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## tvOS 12.1.2\n\nReleased January 22, 2019\n\n**AppleKeyStore**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-6235: Brandon Azad\n\n**CoreAnimation**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-6231: Zhuo Liang of Qihoo 360 Nirvan Team\n\n**CoreAnimation**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2019-6230: Proteas, Shrek_wzw and Zhuo Liang of Qihoo 360 Nirvan Team\n\n**FaceTime**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2019-6224: Natalie Silvanovich of Google Project Zero\n\n**IOKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6214: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-6225: Brandon Azad of Google Project Zero, Qixun Zhao of Qihoo 360 Vulcan Team\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-6210: Ned Williamson of Google\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may cause unexpected changes in memory shared between processes\n\nDescription: A memory corruption issue was addressed with improved lock state checking.\n\nCVE-2019-6205: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-6213: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2019-6209: Brandon Azad of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may cause unexpected changes in memory shared between processes\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2019-6208: Jann Horn of Google Project Zero\n\n**libxpc**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-6218: Ian Beer of Google Project Zero\n\n**SQLite**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-20346: Tencent Blade Team\n\nCVE-2018-20505: Tencent Blade Team\n\nCVE-2018-20506: Tencent Blade Team\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6227: Qixun Zhao of Qihoo 360 Vulcan Team\n\nCVE-2019-6233: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6234: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-6229: Ryan Pickren (ryanpickren.com)\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6215: Lokihardt of Google Project Zero\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6212: Mike Zhang from The Pangu team, Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-6216: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6217: Fluoroacetate working with Trend Micro's Zero Day Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan Team\n\nCVE-2019-6226: Apple\n\nEntry updated February 15, 2019\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8570: James Lee (@Windowsrcer) of S2SWWW.com\n\nEntry added April 3, 2019, updated September 11, 2019\n\n\n\n## Additional recognition\n\n**mDNSResponder**\n\nWe would like to acknowledge Fatemah Alharbi of University of California, Riverside (UCR) and Taibah University (TU), Jie Chang of LinkSure Network, Yuchen Zhou of Northeastern University, Feng Qian of University of Minnesota \u2013 Twin City, Zhiyun Qian of University of California, Riverside (UCR), and Nael Abu-Ghazaleh of University of California, Riverside (UCR) for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-09-11T09:30:07", "title": "About the security content of tvOS 12.1.2 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20346", "CVE-2019-6208", "CVE-2019-6217", "CVE-2018-20505", "CVE-2019-6213", "CVE-2019-6218", "CVE-2019-6210", "CVE-2019-6233", "CVE-2019-6209", "CVE-2019-6230", "CVE-2019-6231", "CVE-2019-6229", "CVE-2019-6225", "CVE-2019-6227", "CVE-2019-8570", "CVE-2019-6226", "CVE-2018-20506", "CVE-2019-6205", "CVE-2019-6235", "CVE-2019-6234", "CVE-2019-6224", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6214", "CVE-2019-6212"], "modified": "2019-09-11T09:30:07", "id": "APPLE:HT209447", "href": "https://support.apple.com/kb/HT209447", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-14T04:14:15", "description": "# About the security content of tvOS 12.1.2\n\nThis document describes the security content of tvOS 12.1.2.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## tvOS 12.1.2\n\nReleased January 22, 2019\n\n**AppleKeyStore**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-6235: Brandon Azad\n\n**CoreAnimation**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-6231: Zhuo Liang of Qihoo 360 Nirvan Team\n\n**CoreAnimation**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2019-6230: Proteas, Shrek_wzw and Zhuo Liang of Qihoo 360 Nirvan Team\n\n**FaceTime**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2019-6224: natashenka of Google Project Zero\n\n**IOKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6214: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-6225: Brandon Azad of Google Project Zero, Qixun Zhao of Qihoo 360 Vulcan Team\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-6210: Ned Williamson of Google\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may cause unexpected changes in memory shared between processes\n\nDescription: A memory corruption issue was addressed with improved lock state checking.\n\nCVE-2019-6205: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-6213: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2019-6209: Brandon Azad of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may cause unexpected changes in memory shared between processes\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2019-6208: Jann Horn of Google Project Zero\n\n**libxpc**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-6218: Ian Beer of Google Project Zero\n\n**SQLite**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-20346: Tencent Blade Team\n\nCVE-2018-20505: Tencent Blade Team\n\nCVE-2018-20506: Tencent Blade Team\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6227: Qixun Zhao of Qihoo 360 Vulcan Team\n\nCVE-2019-6233: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6234: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-6229: Ryan Pickren (ryanpickren.com)\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6215: Lokihardt of Google Project Zero\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6212: Mike Zhang from The Pangu team, Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-6216: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6217: Fluoroacetate working with Trend Micro's Zero Day Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan Team\n\nCVE-2019-6226: Apple\n\nEntry updated February 15, 2019\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8570: James Lee (@Windowsrcer) of S2SWWW.com\n\nEntry added April 3, 2019, updated September 11, 2019\n\n\n\n## Additional recognition\n\n**mDNSResponder**\n\nWe would like to acknowledge Fatemah Alharbi of University of California, Riverside (UCR) and Taibah University (TU), Jie Chang of LinkSure Network, Yuchen Zhou of Northeastern University, Feng Qian of University of Minnesota \u2013 Twin City, Zhiyun Qian of University of California, Riverside (UCR), and Nael Abu-Ghazaleh of University of California, Riverside (UCR) for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: March 05, 2021\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-01-22T00:00:00", "type": "apple", "title": "About the security content of tvOS 12.1.2", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20346", "CVE-2018-20505", "CVE-2018-20506", "CVE-2019-6205", "CVE-2019-6208", "CVE-2019-6209", "CVE-2019-6210", "CVE-2019-6212", "CVE-2019-6213", "CVE-2019-6214", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6218", "CVE-2019-6224", "CVE-2019-6225", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6230", "CVE-2019-6231", "CVE-2019-6233", "CVE-2019-6234", "CVE-2019-6235", "CVE-2019-8570"], "modified": "2019-01-22T00:00:00", "id": "APPLE:423789A788D6D3E2809B401C45687850", "href": "https://support.apple.com/kb/HT209447", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:41:28", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iOS 12.1.3\n\nReleased January 22, 2019\n\n**AppleKeyStore**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-6235: Brandon Azad\n\n**Bluetooth**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An attacker in a privileged network position may be able to execute arbitrary code\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-6200: an anonymous researcher\n\n**Core Media**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-6202: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6221: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\n**CoreAnimation**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-6231: Zhuo Liang of Qihoo 360 Nirvan Team\n\n**CoreAnimation**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2019-6230: Proteas, Shrek_wzw and Zhuo Liang of Qihoo 360 Nirvan Team\n\n**FaceTime**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2019-6224: Natalie Silvanovich of Google Project Zero\n\n**IOKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6214: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-6225: Brandon Azad of Google Project Zero, Qixun Zhao of Qihoo 360 Vulcan Team\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-6210: Ned Williamson of Google\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may cause unexpected changes in memory shared between processes\n\nDescription: A memory corruption issue was addressed with improved lock state checking.\n\nCVE-2019-6205: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-6213: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2019-6209: Brandon Azad of Google Project Zero\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may cause unexpected changes in memory shared between processes\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2019-6208: Jann Horn of Google Project Zero\n\n**Keyboard**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Password autofill may fill in passwords after they were manually cleared\n\nDescription: An issue existed with autofill resuming after it was canceled. The issue was addressed with improved state management.\n\nCVE-2019-6206: Sergey Pershenkov\n\n**libxpc**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-6218: Ian Beer of Google Project Zero\n\n**Natural Language Processing**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved validation.\n\nCVE-2019-6219: Authier Thomas\n\n**Safari Reader**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to a cross site scripting attack\n\nDescription: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.\n\nCVE-2019-6228: Ryan Pickren (ryanpickren.com)\n\n**SQLite**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-20346: Tencent Blade Team\n\nCVE-2018-20505: Tencent Blade Team\n\nCVE-2018-20506: Tencent Blade Team\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6227: Qixun Zhao of Qihoo 360 Vulcan Team\n\nCVE-2019-6233: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6234: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-6229: Ryan Pickren (ryanpickren.com)\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6215: Lokihardt of Google Project Zero\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6212: Mike Zhang from The Pangu team, Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-6216: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6217: Fluoroacetate working with Trend Micro's Zero Day Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan Team\n\nCVE-2019-6226: Apple\n\nEntry updated February 15, 2019\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8570: James Lee (@Windowsrcer) of S2SWWW.com\n\nEntry added April 3, 2019, updated September 11, 2019\n\n**WebRTC**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-6211: Georgi Geshev (@munmap), Fabi Beterke (@pwnfl4k3s), and Rob Miller (@trotmaster99) of MWR Labs (@mwrlabs) working with Trend Micro's Zero Day Initiative\n\n\n\n## Additional recognition\n\n**mDNSResponder**\n\nWe would like to acknowledge Fatemah Alharbi of University of California, Riverside (UCR) and Taibah University (TU), Feng Qian of University of Minnesota \u2013 Twin City, Jie Chang of LinkSure Network, Nael Abu-Ghazaleh of University of California, Riverside (UCR), Yuchen Zhou of Northeastern University, Zhiyun Qian of University of California, Riverside (UCR) for their assistance.\n\nEntry updated February 15, 2019\n\n**Safari Reader**\n\nWe would like to acknowledge Ryan Pickren (ryanpickren.com) for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge James Lee (@Windowsrcer) of Kryptos Logic for their assistance.\n\nEntry updated February 15, 2019\n", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-09-11T09:20:12", "title": "About the security content of iOS 12.1.3 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20346", "CVE-2019-6208", "CVE-2019-6217", "CVE-2018-20505", "CVE-2019-6211", "CVE-2019-6221", "CVE-2019-6213", "CVE-2019-6218", "CVE-2019-6210", "CVE-2019-6233", "CVE-2019-6209", "CVE-2019-6230", "CVE-2019-6231", "CVE-2019-6206", "CVE-2019-6202", "CVE-2019-6219", "CVE-2019-6200", "CVE-2019-6229", "CVE-2019-6225", "CVE-2019-6227", "CVE-2019-8570", "CVE-2019-6228", "CVE-2019-6226", "CVE-2018-20506", "CVE-2019-6205", "CVE-2019-6235", "CVE-2019-6234", "CVE-2019-6224", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6214", "CVE-2019-6212"], "modified": "2019-09-11T09:20:12", "id": "APPLE:HT209443", "href": "https://support.apple.com/kb/HT209443", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-27T03:29:19", "description": "# About the security content of iOS 12.1.3\n\nThis document describes the security content of iOS 12.1.3.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iOS 12.1.3\n\nReleased January 22, 2019\n\n**AppleKeyStore**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-6235: Brandon Azad\n\n**Bluetooth**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An attacker in a privileged network position may be able to execute arbitrary code\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-6200: an anonymous researcher\n\n**Core Media**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-6202: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6221: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\n**CoreAnimation**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2019-6231: Zhuo Liang of Qihoo 360 Nirvan Team\n\n**CoreAnimation**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2019-6230: Proteas, Shrek_wzw and Zhuo Liang of Qihoo 360 Nirvan Team\n\n**FaceTime**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2019-6224: natashenka of Google Project Zero\n\n**IOKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6214: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to elevate privileges\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nCVE-2019-6225: Brandon Azad of Google Project Zero, Qixun Zhao of Qihoo 360 Vulcan Team\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-6210: Ned Williamson of Google\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may cause unexpected changes in memory shared between processes\n\nDescription: A memory corruption issue was addressed with improved lock state checking.\n\nCVE-2019-6205: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2019-6213: Ian Beer of Google Project Zero\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2019-6209: Brandon Azad of Google Project Zero\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may cause unexpected changes in memory shared between processes\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2019-6208: Jann Horn of Google Project Zero\n\n**Keyboard**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Password autofill may fill in passwords after they were manually cleared\n\nDescription: An issue existed with autofill resuming after it was canceled. The issue was addressed with improved state management.\n\nCVE-2019-6206: Sergey Pershenkov\n\n**libxpc**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-6218: Ian Beer of Google Project Zero\n\n**Natural Language Processing**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing a maliciously crafted message may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved validation.\n\nCVE-2019-6219: Authier Thomas\n\n**Safari Reader**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to a cross site scripting attack\n\nDescription: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.\n\nCVE-2019-6228: Ryan Pickren (ryanpickren.com)\n\n**SQLite**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A maliciously crafted SQL query may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-20346: Tencent Blade Team\n\nCVE-2018-20505: Tencent Blade Team\n\nCVE-2018-20506: Tencent Blade Team\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-6227: Qixun Zhao of Qihoo 360 Vulcan Team\n\nCVE-2019-6233: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6234: G. Geshev from MWR Labs working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved validation.\n\nCVE-2019-6229: Ryan Pickren (ryanpickren.com)\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2019-6215: Lokihardt of Google Project Zero\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-6212: Mike Zhang from The Pangu team, Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-6216: Fluoroacetate working with Trend Micro's Zero Day Initiative\n\nCVE-2019-6217: Fluoroacetate working with Trend Micro's Zero Day Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan Team\n\nCVE-2019-6226: Apple\n\nEntry updated February 15, 2019\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may disclose sensitive user information\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8570: James Lee (@Windowsrcer) of S2SWWW.com\n\nEntry added April 3, 2019, updated September 11, 2019\n\n**WebRTC**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2019-6211: Georgi Geshev (@munmap), Fabi Beterke (@pwnfl4k3s), and Rob Miller (@trotmaster99) of MWR Labs (@mwrlabs) working with Trend Micro's Zero Day Initiative\n\n\n\n## Additional recognition\n\n**mDNSResponder**\n\nWe would like to acknowledge Fatemah Alharbi of University of California, Riverside (UCR) and Taibah University (TU), Feng Qian of University of Minnesota \u2013 Twin City, Jie Chang of LinkSure Network, Nael Abu-Ghazaleh of University of California, Riverside (UCR), Yuchen Zhou of Northeastern University, Zhiyun Qian of University of California, Riverside (UCR) for their assistance.\n\nEntry updated February 15, 2019\n\n**Safari Reader**\n\nWe would like to acknowledge Ryan Pickren (ryanpickren.com) for their assistance.\n\n**WebKit**\n\nWe would like to acknowledge James Lee (@Windowsrcer) of Kryptos Logic for their assistance.\n\nEntry updated February 15, 2019\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: March 05, 2021\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-01-22T00:00:00", "type": "apple", "title": "About the security content of iOS 12.1.3", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20346", "CVE-2018-20505", "CVE-2018-20506", "CVE-2019-6200", "CVE-2019-6202", "CVE-2019-6205", "CVE-2019-6206", "CVE-2019-6208", "CVE-2019-6209", "CVE-2019-6210", "CVE-2019-6211", "CVE-2019-6212", "CVE-2019-6213", "CVE-2019-6214", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6218", "CVE-2019-6219", "CVE-2019-6221", "CVE-2019-6224", "CVE-2019-6225", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6228", "CVE-2019-6229", "CVE-2019-6230", "CVE-2019-6231", "CVE-2019-6233", "CVE-2019-6234", "CVE-2019-6235", "CVE-2019-8570"], "modified": "2019-01-22T00:00:00", "id": "APPLE:44A3ECC7D3B2719CF4A259F2E411BB53", "href": "https://support.apple.com/kb/HT209443", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2021-08-18T11:10:42", "description": "### *Detect date*:\n02/11/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack.\n\n### *Affected products*:\nApple iCloud earlier than 7.10\n\n### *Solution*:\nUpdate to the latest version \n[Download iCloud for Windows](<https://support.apple.com/en-us/HT204283>)\n\n### *Original advisories*:\n[About the security content of iCloud for Windows 7.10](<https://support.apple.com/en-us/HT209451>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Apple iCloud](<https://threats.kaspersky.com/en/product/Apple-iCloud/>)\n\n### *CVE-IDS*:\n[CVE-2018-20346](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20346>)6.8High \n[CVE-2018-20505](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20505>)5.0Critical \n[CVE-2018-20506](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20506>)6.8High \n[CVE-2019-6215](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6215>)6.8High \n[CVE-2019-6212](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6212>)6.8High \n[CVE-2019-6216](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6216>)6.8High \n[CVE-2019-6217](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6217>)6.8High \n[CVE-2019-6226](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6226>)6.8High \n[CVE-2019-6227](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6227>)6.8High \n[CVE-2019-6233](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6233>)6.8High \n[CVE-2019-6234](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6234>)6.8High \n[CVE-2019-6229](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6229>)4.3Warning\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-11T00:00:00", "type": "kaspersky", "title": "KLA11409 Multiple vulnerabilities in Apple iCloud", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20346", "CVE-2018-20505", "CVE-2018-20506", "CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234"], "modified": "2020-06-18T00:00:00", "id": "KLA11409", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11409/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-18T11:10:43", "description": "### *Detect date*:\n01/24/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code, perform cross-site scripting attack.\n\n### *Affected products*:\nApple iTunes earlier than 12.9.3\n\n### *Solution*:\nUpdate to the latest version \n[Download iTunes](<https://www.apple.com/itunes/download/>)\n\n### *Original advisories*:\n[About the security content of iTunes 12.9.3 for Windows](<https://support.apple.com/en-us/HT209450>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Apple iTunes](<https://threats.kaspersky.com/en/product/Apple-iTunes/>)\n\n### *CVE-IDS*:\n[CVE-2019-6235](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6235>)7.5Critical \n[CVE-2019-6221](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6221>)6.8High \n[CVE-2018-20346](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20346>)6.8High \n[CVE-2018-20505](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20505>)5.0Critical \n[CVE-2018-20506](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20506>)6.8High \n[CVE-2019-6215](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6215>)6.8High \n[CVE-2019-6212](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6212>)6.8High \n[CVE-2019-6216](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6216>)6.8High \n[CVE-2019-6217](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6217>)6.8High \n[CVE-2019-6226](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6226>)6.8High \n[CVE-2019-6227](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6227>)6.8High \n[CVE-2019-6233](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6233>)6.8High \n[CVE-2019-6234](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6234>)6.8High \n[CVE-2019-6229](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6229>)4.3Warning\n\n### *Exploitation*:\nThe following public exploits exists for this vulnerability:", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2019-01-24T00:00:00", "type": "kaspersky", "title": "KLA11408 Multiple vulnerabilities in Apple iTunes", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20346", "CVE-2018-20505", "CVE-2018-20506", "CVE-2019-6212", "CVE-2019-6215", "CVE-2019-6216", "CVE-2019-6217", "CVE-2019-6221", "CVE-2019-6226", "CVE-2019-6227", "CVE-2019-6229", "CVE-2019-6233", "CVE-2019-6234", "CVE-2019-6235"], "modified": "2020-06-18T00:00:00", "id": "KLA11408", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11408/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
