ID

VAR-201912-0816


CVE

CVE-2019-6236


TITLE

plural Apple Updates to product vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2019-001923

DESCRIPTION

A race condition existed during the installation of iCloud for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iCloud installer in an untrusted directory may result in arbitrary code execution. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * Insufficient access restrictions * Cross-site scripting * Privilege escalation * Service operation interruption (DoS) * Sandbox avoidance * Information falsification * information leak * Arbitrary code execution * Arbitrary command execution * Memory corruption. The product supports storage of music, photos, App and contacts, etc. iCloud Installer is one of the iCloud installer components. A security vulnerability exists in the iCloud Installer component of Apple iCloud versions prior to 7.11 on Windows platforms. An attacker could exploit this vulnerability to execute arbitrary code. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-3-25-6 iCloud for Windows 7.11 iCloud for Windows 7.11 is now available and addresses the following: CoreCrypto Available for: Windows 7 and later Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2019-6232: Stefan Kanthak (eskamation.de) WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2019-8506: Samuel Groß of Google Project Zero WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2019-8535: Zhiyang Zeng (@Wester) of Tencent Blade Team WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2019-6201: dwfault working with ADLab of Venustech CVE-2019-8518: Samuel Groß of Google Project Zero CVE-2019-8523: Apple CVE-2019-8524: G. Geshev working with Trend Micro Zero Day Initiative CVE-2019-8558: Samuel Groß of Google Project Zero CVE-2019-8559: Apple CVE-2019-8563: Apple WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A cross-origin issue existed with the fetch API. CVE-2019-8515: James Lee (@Windowsrcer) WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8536: Apple CVE-2019-8544: an anonymous researcher WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2019-7285: dwfault working at ADLab of Venustech CVE-2019-8556: Apple WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: A validation issue was addressed with improved logic. CVE-2019-7292: Zhunki and Zhiyi Zhang of 360 ESG Codesafe Team WebKit Available for: Windows 7 and later Impact: A malicious website may be able to execute scripts in the context of another website Description: A logic issue was addressed with improved validation. CVE-2019-8503: Linus Särud of Detectify WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved validation. CVE-2019-6236: Stefan Kanthak (eskamation.de) Additional recognition Safari We would like to acknowledge Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com) for their assistance. WebKit We would like to acknowledge Andrey Kovalev of Yandex Security Team for their assistance. Installation note: iCloud for Windows 7.11 may be obtained from: https://support.apple.com/HT204283 Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlyZM7spHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3FvIRAA msR75UH21iTYcw51dCCfBKSvthsplmLy/4hXwdD975Qk23H6nPRH+0CDQf1E+y3C KmWHZafHoUjfyu28MH5bJcYV9LZ2cTNZ+88f7EKNAH7Ox5MfzEyCO5EtA7Q9F/1W HbMBS7HmWPTFPREI5HzNrilhvV6GvOkql/7Wsp9a6miOJ4QO7oHcLc1YZB9Vh25B xiQJZeJ443DKfJKeWVOL3qVyL3xqGUB0rN3LFIWrFpybfuMyuNwle6lwQvcy0ulK FBCmj1MNlsep0dQHdA/jaR3UYWcNBOTieAh7QTsdOsa+64cTrJtQOqhAtI7ffu3k c+v84wO9URzosbXZEmQgw9lKDd8k+o2qy13QNULsIf0KKeNdhKwNq1EzvvDF0z/a OMot5r1l1ufhKd9SHPJZ1ouXz5d5zx3hjGMMhCxINVKfa26ZEqlRW5ST/vtxwL0v Q8SsfefyowWTimnt+Wl52ErwNgyS/ejTgGRzmrR1zlIVBk2eczwTlMd4bmHYMTHu NHhIZl9CA6Amnb+YIWT55h/ghpj1P/HGdAcmMo844GfZGrHhG9vMjpvb7uP3+gsA sxN5p3YK6FtH3w3LmpEX6e5D3xt1JV3GjfrwzI8HCDZ4B7BXW9oCTqYBO1fjlD+U 5JiM2QuX58lIYitvAxfgAoWjU79AAZ9omZS4Q4D+n3Q= =0QP2 -----END PGP SIGNATURE-----=

Trust: 1.8

sources: NVD: CVE-2019-6236 // JVNDB: JVNDB-2019-001923 // VULHUB: VHN-157671 // PACKETSTORM: 152228

AFFECTED PRODUCTS

vendor:applemodel:icloudscope:ltversion:7.11

Trust: 1.0

vendor:applemodel:icloudscope:ltversion:for windows 7.11 earlier

Trust: 0.8

vendor:applemodel:iosscope:ltversion:12.2 earlier

Trust: 0.8

vendor:applemodel:itunesscope:ltversion:12.9.4 for windows earlier

Trust: 0.8

vendor:applemodel:macos high sierrascope:eqversion:(security update 2019-002 not applied )

Trust: 0.8

vendor:applemodel:macos mojavescope:ltversion:10.14.4 earlier

Trust: 0.8

vendor:applemodel:macos sierrascope:eqversion:(security update 2019-002 not applied )

Trust: 0.8

vendor:applemodel:safariscope:ltversion:12.1 earlier

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:12.2 earlier

Trust: 0.8

vendor:applemodel:watchosscope:ltversion:5.2 earlier

Trust: 0.8

vendor:applemodel:xcodescope:ltversion:10.2 earlier

Trust: 0.8

sources: JVNDB: JVNDB-2019-001923 // NVD: CVE-2019-6236

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-6236
value: HIGH

Trust: 1.0

CNNVD: CNNVD-201903-938
value: HIGH

Trust: 0.6

VULHUB: VHN-157671
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-6236
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-157671
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-6236
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.6
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-157671 // CNNVD: CNNVD-201903-938 // NVD: CVE-2019-6236

PROBLEMTYPE DATA

problemtype:CWE-362

Trust: 1.1

sources: VULHUB: VHN-157671 // NVD: CVE-2019-6236

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201903-938

TYPE

competition condition problem

Trust: 0.6

sources: CNNVD: CNNVD-201903-938

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-001923

PATCH

title:About the security content of iCloud for Windows 7.11url:https://support.apple.com/en-us/HT209605

Trust: 0.8

title:About the security content of watchOS 5.2url:https://support.apple.com/en-us/HT209602

Trust: 0.8

title:About the security content of iOS 12.2url:https://support.apple.com/en-us/HT209599

Trust: 0.8

title:About the security content of Xcode 10.2url:https://support.apple.com/en-us/HT209606

Trust: 0.8

title:About the security content of tvOS 12.2url:https://support.apple.com/en-us/HT209601

Trust: 0.8

title:About the security content of macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierraurl:https://support.apple.com/en-us/HT209600

Trust: 0.8

title:About the security content of Safari 12.1url:https://support.apple.com/en-us/HT209603

Trust: 0.8

title:About the security content of iTunes 12.9.4 for Windowsurl:https://support.apple.com/en-us/HT209604

Trust: 0.8

title:Apple iCloud for Windows iCloud Installer Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90383

Trust: 0.6

sources: JVNDB: JVNDB-2019-001923 // CNNVD: CNNVD-201903-938

EXTERNAL IDS

db:NVDid:CVE-2019-6236

Trust: 2.6

db:JVNid:JVNVU93236010

Trust: 0.8

db:JVNDBid:JVNDB-2019-001923

Trust: 0.8

db:CNNVDid:CNNVD-201903-938

Trust: 0.7

db:PACKETSTORMid:152228

Trust: 0.7

db:AUSCERTid:ESB-2019.0986

Trust: 0.6

db:VULHUBid:VHN-157671

Trust: 0.1

sources: VULHUB: VHN-157671 // JVNDB: JVNDB-2019-001923 // PACKETSTORM: 152228 // CNNVD: CNNVD-201903-938 // NVD: CVE-2019-6236

REFERENCES

url:https://support.apple.com/ht209605

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-6236

Trust: 1.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-8558

Trust: 0.9

url:https://nvd.nist.gov/vuln/detail/cve-2019-8559

Trust: 0.9

url:https://nvd.nist.gov/vuln/detail/cve-2019-6232

Trust: 0.9

url:https://nvd.nist.gov/vuln/detail/cve-2019-8563

Trust: 0.9

url:https://nvd.nist.gov/vuln/detail/cve-2019-8556

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6232

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8520

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8561

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6236

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8522

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8562

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6239

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8526

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8563

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8556

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8507

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8533

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8565

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8555

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8508

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8537

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8567

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8553

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8510

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8554

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8513

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8558

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6207

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8519

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8559

Trust: 0.8

url:https://jvn.jp/vu/jvnvu93236010/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8553

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8513

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-6207

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8519

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8520

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8561

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8522

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8562

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-6239

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8526

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8565

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8507

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8533

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8567

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8508

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8537

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8555

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8510

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8554

Trust: 0.8

url:https://support.apple.com/en-au/ht209605

Trust: 0.6

url:https://www.auscert.org.au/bulletins/77790

Trust: 0.6

url:https://packetstormsecurity.com/files/152228/apple-security-advisory-2019-3-25-6.html

Trust: 0.6

url:https://support.apple.com/en-us/ht209605

Trust: 0.6

url:https://support.apple.com/ht204283

Trust: 0.1

url:https://support.apple.com/kb/ht201222

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8524

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-6201

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8544

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-7285

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8518

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8506

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8523

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8536

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8542

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8503

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8535

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8515

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-7292

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8551

Trust: 0.1

sources: VULHUB: VHN-157671 // JVNDB: JVNDB-2019-001923 // PACKETSTORM: 152228 // CNNVD: CNNVD-201903-938 // NVD: CVE-2019-6236

CREDITS

Apple,Stefan Kanthak (eskamation.de)

Trust: 0.6

sources: CNNVD: CNNVD-201903-938

SOURCES

db:VULHUBid:VHN-157671
db:JVNDBid:JVNDB-2019-001923
db:PACKETSTORMid:152228
db:CNNVDid:CNNVD-201903-938
db:NVDid:CVE-2019-6236

LAST UPDATE DATE

2024-08-14T13:09:46.989000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-157671date:2019-12-21T00:00:00
db:JVNDBid:JVNDB-2019-001923date:2020-01-06T00:00:00
db:CNNVDid:CNNVD-201903-938date:2021-10-29T00:00:00
db:NVDid:CVE-2019-6236date:2019-12-21T14:25:44.040

SOURCES RELEASE DATE

db:VULHUBid:VHN-157671date:2019-12-18T00:00:00
db:JVNDBid:JVNDB-2019-001923date:2019-03-29T00:00:00
db:PACKETSTORMid:152228date:2019-03-26T14:43:31
db:CNNVDid:CNNVD-201903-938date:2019-03-26T00:00:00
db:NVDid:CVE-2019-6236date:2019-12-18T18:15:21.270