First published: Thu Sep 19 2019(Updated: )
WebKit. Multiple memory corruption issues were addressed with improved memory handling.
Credit: found by OSS-Fuzz zhunki Codesafe Team of Legendsec at QiDongzhuo Zhao ADLab of VenustechSergei Glazunov Google Project ZeroSamuel Groß Google Project Zeroan anonymous researcher Trend Microcc Trend Micro Zero Day InitiativeJihui Lu Tencent KeenLabJunho Jang LINE Security TeamHanul Choi ABLY CorporationG. Geshev Trend Micro Zero Day Initiative product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
tvOS | <13 | 13 |
Apple iOS, iPadOS, and watchOS | <6 | 6 |
Apple iCloud | <7.14 | 7.14 |
Apple iCloud | <10.7 | 10.7 |
iTunes | <12.10.1 | 12.10.1 |
Safari | <13.0.1 | 13.0.1 |
iCloud for Windows | <7.14 | |
iCloud for Windows | >=10.0<10.7 | |
iTunes | <12.10.1 | |
Safari | <13.0.1 | |
iPadOS | <13.1 | |
iPhone OS | <13.1 | |
tvOS | <13 | |
Apple iOS, iPadOS, and watchOS | <6.0 | |
Apple iOS and iPadOS | <13.1 | 13.1 |
Apple iOS, iPadOS, and macOS | <13.1 | 13.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
CVE-2019-8773 is a vulnerability in WebKit that allows processing maliciously crafted web content to lead to arbitrary code execution.
The severity of CVE-2019-8773 is high with a CVSS score of 8.8.
The software versions affected are Safari 13.0.1, watchOS 6, iCloud for Windows 10.7, iTunes 12.10.1 for Windows, tvOS 13, iOS 13.1, and iPadOS 13.1.
To fix CVE-2019-8773, update to the following versions: Safari 13.0.1, watchOS 6, iCloud for Windows 10.7, iTunes 12.10.1 for Windows, tvOS 13, iOS 13.1, and iPadOS 13.1.
More information about CVE-2019-8773 can be found on the Apple support page: [link](https://support.apple.com/en-us/HT210603).