First published: Mon May 13 2019(Updated: )
WebKit. An out-of-bounds read was addressed with improved input validation.
Credit: Junho Jang Hanul Choi LINE Security TeamJunho Jang Hanul Choi LINE Security TeamJunho Jang Hanul Choi LINE Security TeamJunho Jang Hanul Choi LINE Security TeamJunho Jang Hanul Choi LINE Security Team product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iTunes for Windows | <12.9.5 | 12.9.5 |
Apple watchOS | <5.2.1 | 5.2.1 |
Apple macOS Mojave | <10.14.5 | 10.14.5 |
Apple High Sierra | ||
Apple Sierra | ||
Apple tvOS | <12.3 | 12.3 |
Apple iOS | <12.3 | 12.3 |
redhat/webkitgtk | <2.24.2 | 2.24.2 |
Apple Icloud Windows | <7.12 | |
Apple Icloud Windows | >=10.0<10.4 | |
Apple Itunes Windows | <12.9.5 | |
Apple Safari | <12.1.1 | |
Apple iPhone OS | <12.3 | |
Apple Mac OS X | <10.14.5 | |
Apple tvOS | <12.3 | |
Apple watchOS | <5.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2019-8607 is a vulnerability in WebKit that allows an attacker to read out-of-bounds memory, potentially resulting in the disclosure of process memory.
CVE-2019-8607 affects iOS up to version 12.3, macOS Mojave up to version 10.14.5, tvOS up to version 12.3, watchOS up to version 5.2.1, Safari up to version 12.1.1, iTunes for Windows up to version 12.9.5, and iCloud for Windows up to version 7.12.
To fix CVE-2019-8607, update your software to the following versions: iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, Safari 12.1.1, iTunes for Windows 12.9.5, and iCloud for Windows 7.12.
CVE-2019-8607 has a severity rating of 6.5 (Medium).
The Common Weakness Enumeration (CWE) IDs for CVE-2019-8607 are CWE-20 (Improper Input Validation) and CWE-125 (Out-of-bounds Read).