CVE-2019-8710
First published: Thu Sep 19 2019(Updated: )
WebKit. Multiple memory corruption issues were addressed with improved memory handling.
Credit: found by OSS-Fuzz zhunki Codesafe Team of Legendsec at QiDongzhuo Zhao ADLab of VenustechDongzhuo Zhao ADLab of VenustechSergei Glazunov Google Project ZeroSamuel Groß Google Project Zerofound by OSS-Fuzz found by OSS-Fuzz an anonymous researcher Trend Microcc Trend Micro Zero Day Initiativefound by OSS-Fuzz Jihui Lu Tencent KeenLabJunho Jang LINE Security TeamHanul Choi ABLY CorporationSergei Glazunov Google Project Zerofound by OSS-Fuzz G. Geshev Trend Micro Zero Day Initiativezhunki Codesafe Team of Legendsec at QiDongzhuo Zhao ADLab of VenustechDongzhuo Zhao ADLab of VenustechSergei Glazunov Google Project ZeroSamuel Groß Google Project Zerofound by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz zhunki Codesafe Team of Legendsec at QiDongzhuo Zhao ADLab of VenustechDongzhuo Zhao ADLab of VenustechSergei Glazunov Google Project ZeroSamuel Groß Google Project Zerofound by OSS-Fuzz found by OSS-Fuzz found by OSS-Fuzz Junho Jang LINE Security TeamHanul Choi ABLY Corporationfound by OSS-Fuzz Dongzhuo Zhao ADLab of VenustechDongzhuo Zhao ADLab of Venustechfound by OSS-Fuzz an anonymous researcher Trend Microcc Trend Micro Zero Day Initiativefound by OSS-Fuzz Jihui Lu Tencent KeenLabJunho Jang LINE Security TeamHanul Choi ABLY CorporationSergei Glazunov Google Project Zerofound by OSS-Fuzz G. Geshev Trend Micro Zero Day Initiativezhunki Codesafe Team of Legendsec at QiDongzhuo Zhao ADLab of VenustechDongzhuo Zhao ADLab of VenustechSergei Glazunov Google Project ZeroSamuel Groß Google Project Zerofound by OSS-Fuzz found by OSS-Fuzz product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Safari | <13.0.1 | 13.0.1 |
| Apple iTunes for Windows | <12.10.1 | 12.10.1 |
| Apple watchOS | <6 | 6 |
| Apple tvOS | <13 | 13 |
| Apple iOS | <13.1 | 13.1 |
| Apple iPadOS | <13.1 | 13.1 |
| redhat/webkitgtk | <2.26.0 | 2.26.0 |
| Apple Icloud Windows | <10.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT210603 (Advisory)
- https://support.apple.com/en-us/HT210604 (Advisory)
- https://support.apple.com/en-us/HT210605 (Advisory)
- https://support.apple.com/en-us/HT210607 (Advisory)
- https://support.apple.com/en-us/HT210635 (Advisory)
- https://security.gentoo.org/glsa/202003-22
- https://support.apple.com/HT210727
- https://access.redhat.com/security/cve/CVE-2019-8710
- https://webkitgtk.org/security/WSA-2019-0006.html
- https://access.redhat.com/errata/RHSA-2020:4035
- https://access.redhat.com/security/cve/cve-2019-8710
- https://access.redhat.com/errata/RHSA-2020:4451
- https://bugzilla.redhat.com/show_bug.cgi?id=1876536
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2019-8654
- CVE-2019-8725
- CVE-2019-8771
- CVE-2019-8710
- CVE-2019-8743
- CVE-2019-8751
- CVE-2019-8752
- CVE-2019-8763
- CVE-2019-8765
- CVE-2019-8766
- CVE-2019-8773
- CVE-2019-8764
- CVE-2019-8762
- CVE-2020-9932
- CVE-2019-8741
- CVE-2019-8825
- CVE-2019-8746
- CVE-2019-8749
- CVE-2019-8756
- CVE-2019-8750
- CVE-2019-8745
- CVE-2019-8625
- CVE-2019-8719
- CVE-2019-8707
- CVE-2019-8726
- CVE-2019-8728
- CVE-2019-8733
- CVE-2019-8734
- CVE-2019-8735
- CVE-2019-8706
- CVE-2019-8850
- CVE-2019-8753
- CVE-2019-8705
- CVE-2019-8718
- CVE-2019-8703
- CVE-2019-8740
- CVE-2019-8809
- CVE-2019-8712
- CVE-2019-8744
- CVE-2019-8709
- CVE-2019-8717
- CVE-2019-8799
- CVE-2019-8831
- CVE-2019-8854
- CVE-2019-8747
- CVE-2019-8592
- CVE-2019-8780
- CVE-2019-8704
- CVE-2019-8774
- CVE-2019-8901
- CVE-2019-8775
- CVE-2019-8769
Frequently Asked Questions
What is CVE-2019-8710?
CVE-2019-8710 is a vulnerability in WebKit that allows arbitrary code execution when processing malicious web content.
What software is affected by CVE-2019-8710?
CVE-2019-8710 affects WebKitGTK 2.26.0, Apple iCloud for Windows up to version 10.8, Apple Safari up to version 13.0.1, Apple watchOS up to version 6, Apple iTunes for Windows up to version 12.10.1, Apple tvOS up to version 13, Apple iOS up to version 13.1, and Apple iPadOS up to version 13.1.
What is the severity of CVE-2019-8710?
CVE-2019-8710 is classified as high severity with a score of 8.8.
How can CVE-2019-8710 be fixed?
To fix CVE-2019-8710, users should update their software. For WebKitGTK, update to version 2.26.0. For Apple iCloud for Windows, update to version 11.0. For Apple Safari, watchOS, iTunes for Windows, tvOS, iOS, and iPadOS, update to the latest available versions.
Where can I find more information about CVE-2019-8710?
More information about CVE-2019-8710 can be found on the Apple support website at the following links: [Link 1](https://support.apple.com/en-us/HT210603), [Link 2](https://support.apple.com/en-us/HT210607), [Link 3](https://support.apple.com/en-us/HT210604).
- collector/apple-support
- alias/CVE-2019-8743
- alias/CVE-2019-8751
- alias/CVE-2019-8752
- alias/CVE-2019-8763
- alias/CVE-2019-8765
- alias/CVE-2019-8766
- alias/CVE-2019-8773
- alias/CVE-2019-8710
- alias/CVE-2019-8726
- alias/CVE-2019-8728
- alias/CVE-2019-8733
- alias/CVE-2019-8734
- alias/CVE-2019-8735
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/software-canonical-lookup-request
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- agent/software-canonical-lookup
- agent/event
- collector/nvd-index
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple safari
- canonical/apple itunes for windows
- canonical/apple watchos
- canonical/apple tvos
- canonical/apple ios
- canonical/apple ipados
- package-manager/redhat
- canonical/apple icloud windows