Details of VAR-201912-0131

ID

VAR-201912-0131

CVE

CVE-2019-8775

TITLE

plural Apple Updates to product vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2019-011304

DESCRIPTION

The issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 13.1 and iPadOS 13.1. A person with physical access to an iOS device may be able to access contacts from the lock screen. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * * information leak * * User impersonation * * Arbitrary code execution * * UI Spoofing * * Insufficient access restrictions * * Service operation interruption (DoS) * * Privilege escalation * * Memory corruption * * Authentication bypass. CVE-2019-8787: Steffen Klee of Secure Mobile Networking Lab at Technische Universität Darmstadt App Store Available for: Apple Watch Series 1 and later Impact: A local attacker may be able to login to the account of a previously logged in user without valid credentials. CVE-2019-8798: ABC Research s.r.o. Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-10-29-11 Additional information for APPLE-SA-2019-9-26-8 iOS 13.1 and iPadOS 13.1 iOS 13.1 and iPadOS 13.1 address the following: AppleFirmwareUpdateKext Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2019-8747: Mohamed Ghannam (@_simo36) Entry added October 29, 2019 Audio Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab Entry added October 29, 2019 Books Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service Description: A resource exhaustion issue was addressed with improved input validation. CVE-2019-8774: Gertjan Franken imec-DistriNet of KU Leuven Entry added October 29, 2019 Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2019-8740: Mohamed Ghannam (@_simo36) Entry added October 29, 2019 Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A local app may be able to read a persistent account identifier Description: A validation issue was addressed with improved logic. CVE-2019-8809: Apple Entry added October 29, 2019 Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to determine kernel memory layout Description: The issue was addressed with improved permissions logic. CVE-2019-8780: Siguza libxslt Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Multiple issues in libxslt Description: Multiple memory corruption issues were addressed with improved input validation. CVE-2019-8750: found by OSS-Fuzz Entry added October 29, 2019 mDNSResponder Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An attacker in physical proximity may be able to passively observe device names in AWDL communications Description: This issue was resolved by replacing device names with a random identifier. CVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universität Darmstadt Entry added October 29, 2019 VoiceOver Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A person with physical access to an iOS device may be able to access contacts from the lock screen Description: The issue was addressed by restricting options offered on a locked device. CVE-2019-8775: videosdebarraquito WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Visiting a maliciously crafted website may reveal browsing history Description: An issue existed in the drawing of web page elements. CVE-2019-8769: Piérre Reimertz (@reimertz) WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2019-8710: found by OSS-Fuzz CVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group CVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech CVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech CVE-2019-8763: Sergei Glazunov of Google Project Zero CVE-2019-8765: Samuel Groß of Google Project Zero CVE-2019-8766: found by OSS-Fuzz CVE-2019-8773: found by OSS-Fuzz Additional recognition boringssl We would like to acknowledge Nimrod Aviram of Tel Aviv University, Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr University Bochum for their assistance. Entry added October 29, 2019 Find My iPhone We would like to acknowledge an anonymous researcher for their assistance. Identity Service We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for their assistance. Notes We would like to acknowledge an anonymous researcher for their assistance. Share Sheet We would like to acknowledge Milan Stute of Secure Mobile Networking Lab at Technische Universität Darmstadt for their assistance. Status Bar We would like to acknowledge Isaiah Kahler, Mohammed Adham, and an anonymous researcher for their assistance. Telephony We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 13.1 and iPadOS 13.1". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24p5UpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQBz4uGe3y0M3wrA/9 G4tF+kYWc/7JI3gglC1/OqfJv+G+N5GnI6foGtyu9S8cSRx+bZFHTp4yYC6zmKow hCE9LZrWczuMvBlN134uMY9bj/12TaIbrbjeM3nink1FrnuXNOdfA4X4dEdkssRH DbAqbnjMlSgfH0Px+07utmrytRh4/EtQt+LNQqLUlsMzCgoPDRLlxNC0PhBdEjhr KXidFZ7g5v/RxIAuXFsjpUOfxUJxgMkTSIvxQu7mlGKEasKZOkXDmzVVogE0Zt3k Zsn3uSCL+r/qUVE8/LQMMOf192+0DB/0CHay/oyf9JteuAquMFZhvbqapDOpiFGh 33JN3gj/SA1N+7bJhoG+jx73IfQrHF5tBRwKb3saE/IKvM4WlKStRB1x3mmTlkxC mObxaGFmFjZNKgC+CXm0fQ0343jvTsw88RKM6XOlisybxEVLFHeBxrrFNIOU+C+w llItCsmC4iSe8s80Rwu52sLGpHRLtBBCB02sZqRCe4/znYpEA3vcWp8DtafSz4sc cEEYhJlyWOMKRpiszCpfw0AvbIX/QfudT+Vd414eQOdGzBPaM5TAMyudX+zfD27R hUYSPC3/ZqgxHkYk48SbCT74XpVZcgLVL4Rxxg4N6xW+zHtE8Cyl69cIAkSWP/rY 4fUMIYDjQlPNYof0CFuQRA4IrEQGtN3vDlxycfUWMts= =q3r7 -----END PGP SIGNATURE-----

Trust: 1.98

sources: NVD: CVE-2019-8775 // JVNDB: JVNDB-2019-011304 // VULHUB: VHN-160210 // PACKETSTORM: 155065 // PACKETSTORM: 155068 // PACKETSTORM: 154656

AFFECTED PRODUCTS

vendor:	apple	model:	watchos	scope:	lt	version:	6.1	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	13.1	Trust: 1.0
vendor:	apple	model:	ipados	scope:	lt	version:	13.1	Trust: 1.0
vendor:	apple	model:	icloud	scope:	lt	version:	for windows 11.0 earlier	Trust: 0.8
vendor:	apple	model:	icloud	scope:	lt	version:	for windows 7.15 earlier	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	13.2 earlier	Trust: 0.8
vendor:	apple	model:	ipados	scope:	lt	version:	13.2 earlier	Trust: 0.8
vendor:	apple	model:	itunes	scope:	lt	version:	12.10.2 for windows earlier	Trust: 0.8
vendor:	apple	model:	macos catalina	scope:	lt	version:	10.15.1 earlier	Trust: 0.8
vendor:	apple	model:	macos high sierra	scope:	eq	version:	10.13.6 (security update 2019-006 not applied )	Trust: 0.8
vendor:	apple	model:	macos mojave	scope:	eq	version:	10.14.6 (security update 2019-001 not applied )	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	13.0.3 earlier	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	13.2 earlier	Trust: 0.8
vendor:	apple	model:	watchos	scope:	lt	version:	6.1 earlier	Trust: 0.8
vendor:	apple	model:	xcode	scope:	lt	version:	11.2 earlier	Trust: 0.8

sources: JVNDB: JVNDB-2019-011304 // NVD: CVE-2019-8775

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-8775
value:	LOW
Trust: 1.0
CNNVD:	CNNVD-201909-1292
value:	LOW
Trust: 0.6
VULHUB:	VHN-160210
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2019-8775
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-160210
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-8775
baseSeverity:	LOW
baseScore:	2.4
vectorString:	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	PHYSICAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	0.9
impactScore:	1.4
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-160210 // CNNVD: CNNVD-201909-1292 // NVD: CVE-2019-8775

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-200	Trust: 0.1

sources: VULHUB: VHN-160210 // NVD: CVE-2019-8775

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201909-1292

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-011304

PATCH

title:	About the security content of iCloud for Windows 11.0	url:	https://support.apple.com/en-us/HT210727	Trust: 0.8
title:	About the security content of iCloud for Windows 7.15	url:	https://support.apple.com/en-us/HT210728	Trust: 0.8
title:	About the security content of iOS 13.2 and iPadOS 13.2	url:	https://support.apple.com/en-us/HT210721	Trust: 0.8
title:	About the security content of Xcode 11.2	url:	https://support.apple.com/en-us/HT210729	Trust: 0.8
title:	About the security content of macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006	url:	https://support.apple.com/en-us/HT210722	Trust: 0.8
title:	About the security content of tvOS 13.2	url:	https://support.apple.com/en-us/HT210723	Trust: 0.8
title:	About the security content of watchOS 6.1	url:	https://support.apple.com/en-us/HT210724	Trust: 0.8
title:	About the security content of Safari 13.0.3	url:	https://support.apple.com/en-us/HT210725	Trust: 0.8
title:	About the security content of iTunes 12.10.2 for Windows	url:	https://support.apple.com/en-us/HT210726	Trust: 0.8
title:	Mac に搭載されている macOS を調べる	url:	https://support.apple.com/ja-jp/HT201260	Trust: 0.8
title:	Apple iOS and Apple iPadOS VoiceOver Fixes for component security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98679	Trust: 0.6

sources: JVNDB: JVNDB-2019-011304 // CNNVD: CNNVD-201909-1292

EXTERNAL IDS

db:	NVD	id:	CVE-2019-8775	Trust: 2.8
db:	PACKETSTORM	id:	154656	Trust: 0.8
db:	JVN	id:	JVNVU96749516	Trust: 0.8
db:	JVNDB	id:	JVNDB-2019-011304	Trust: 0.8
db:	PACKETSTORM	id:	155068	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.3648	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4013	Trust: 0.6
db:	CNNVD	id:	CNNVD-201909-1292	Trust: 0.6
db:	VULHUB	id:	VHN-160210	Trust: 0.1
db:	PACKETSTORM	id:	155065	Trust: 0.1

sources: VULHUB: VHN-160210 // JVNDB: JVNDB-2019-011304 // PACKETSTORM: 155065 // PACKETSTORM: 155068 // PACKETSTORM: 154656 // CNNVD: CNNVD-201909-1292 // NVD: CVE-2019-8775

REFERENCES

url:	https://support.apple.com/ht210603	Trust: 1.7
url:	https://support.apple.com/ht210724	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8775	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8750	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8765	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8766	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8743	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8747	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8812	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8785	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8797	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8764	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8786	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8798	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8787	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8803	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8816	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8710	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8820	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8794	Trust: 0.9
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8811	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8788	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8803	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8815	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8766	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8735	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8789	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8804	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8816	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8775	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8793	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8805	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8710	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8819	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8782	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8794	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8807	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8743	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8820	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8783	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8795	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8811	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8747	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8821	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8784	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8797	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8812	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8750	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8822	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8785	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8798	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8813	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8764	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8823	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8786	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8802	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8814	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8765	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8787	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu96749516/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8822	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8813	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8823	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8814	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8802	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8815	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8788	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8804	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8789	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8805	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8819	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8782	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8793	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8807	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8783	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8821	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8784	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8735	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8795	Trust: 0.8
url:	https://support.apple.com/en-au/ht201222	Trust: 0.6
url:	https://support.apple.com/en-au/ht210603	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4013/	Trust: 0.6
url:	https://support.apple.com/en-us/ht210603	Trust: 0.6
url:	https://packetstormsecurity.com/files/155068/apple-security-advisory-2019-10-29-11.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/154656/apple-security-advisory-2019-9-26-8.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.3648/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/apple-ios-13-information-disclosure-via-lock-screen-contacts-30459	Trust: 0.6
url:	https://vigilance.fr/vulnerability/apple-ios-privilege-escalation-via-extensions-30466	Trust: 0.6
url:	https://support.apple.com/kb/ht201222	Trust: 0.3
url:	https://www.apple.com/support/security/pgp/	Trust: 0.3
url:	https://www.apple.com/itunes/	Trust: 0.2
url:	https://support.apple.com/kb/ht204641	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7152	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8808	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8774	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8706	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8773	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8769	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8752	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8751	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8809	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8763	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8740	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8780	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8799	Trust: 0.1

CREDITS

Apple

Trust: 0.9

sources: PACKETSTORM: 155065 // PACKETSTORM: 155068 // PACKETSTORM: 154656 // CNNVD: CNNVD-201909-1292

SOURCES

db:	VULHUB	id:	VHN-160210
db:	JVNDB	id:	JVNDB-2019-011304
db:	PACKETSTORM	id:	155065
db:	PACKETSTORM	id:	155068
db:	PACKETSTORM	id:	154656
db:	CNNVD	id:	CNNVD-201909-1292
db:	NVD	id:	CVE-2019-8775

LAST UPDATE DATE

2024-08-14T12:16:10.550000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-160210	date:	2019-12-23T00:00:00
db:	JVNDB	id:	JVNDB-2019-011304	date:	2020-01-07T00:00:00
db:	CNNVD	id:	CNNVD-201909-1292	date:	2021-10-29T00:00:00
db:	NVD	id:	CVE-2019-8775	date:	2021-07-21T11:39:23.747

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-160210	date:	2019-12-18T00:00:00
db:	JVNDB	id:	JVNDB-2019-011304	date:	2019-11-01T00:00:00
db:	PACKETSTORM	id:	155065	date:	2019-11-01T17:10:20
db:	PACKETSTORM	id:	155068	date:	2019-11-01T17:11:25
db:	PACKETSTORM	id:	154656	date:	2019-09-29T18:22:22
db:	CNNVD	id:	CNNVD-201909-1292	date:	2019-09-27T00:00:00
db:	NVD	id:	CVE-2019-8775	date:	2019-12-18T18:15:40.270