CVE-2019-7285

Description

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

Risk Information

Base Score

8.8

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

1.28

Associated Vulnerability

Vulnerability	OS Platform
Apple iTunes (X64) (12.9.4.102)	Windows
iCloud (7.11.0.19)	Windows
Multiple Vulnerabilities are affected in Apple iTunes (X64) 12.9.3	Windows
Multiple Vulnerabilities are affected in Apple iTunes 12.9.3	Windows
Multiple Vulnerabilities are affected in Apple Safari for MAC 12.0.3	Mac
SUSE-SU-2019:1155-1(SUSE Linux Enterprise Desktop 12-SP3 ) libjavascriptcoregtk-4_0-18-2.24.1-2.41.5.x86_64.rpm	Linux
SUSE-SU-2019:1155-1(SUSE Linux Enterprise Desktop 12-SP3 ) libjavascriptcoregtk-4_0-18-debuginfo-2.24.1-2.41.5.x86_64.rpm	Linux
SUSE-SU-2019:1155-1(SUSE Linux Enterprise Desktop 12-SP3 ) libwebkit2gtk-4_0-37-2.24.1-2.41.5.x86_64.rpm	Linux
SUSE-SU-2019:1155-1(SUSE Linux Enterprise Desktop 12-SP3 ) libwebkit2gtk-4_0-37-debuginfo-2.24.1-2.41.5.x86_64.rpm	Linux
SUSE-SU-2019:1155-1(SUSE Linux Enterprise Desktop 12-SP3 ) libwebkit2gtk3-lang-2.24.1-2.41.5.noarch.rpm	Linux
SUSE-SU-2019:1155-1(SUSE Linux Enterprise Desktop 12-SP3 ) typelib-1_0-JavaScriptCore-4_0-2.24.1-2.41.5.x86_64.rpm	Linux
SUSE-SU-2019:1155-1(SUSE Linux Enterprise Desktop 12-SP3 ) typelib-1_0-WebKit2-4_0-2.24.1-2.41.5.x86_64.rpm	Linux
SUSE-SU-2019:1155-1(SUSE Linux Enterprise Desktop 12-SP3 ) webkit2gtk-4_0-injected-bundles-2.24.1-2.41.5.x86_64.rpm	Linux
SUSE-SU-2019:1155-1(SUSE Linux Enterprise Desktop 12-SP3 ) webkit2gtk-4_0-injected-bundles-debuginfo-2.24.1-2.41.5.x86_64.rpm	Linux
SUSE-SU-2019:1155-1(SUSE Linux Enterprise Desktop 12-SP3 ) webkit2gtk3-debugsource-2.24.1-2.41.5.x86_64.rpm	Linux

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-309323	Apple iTunes (X64) (12.9.4.102)
PATCH-309326	iCloud (7.11.0.19)
PATCH-611604	Apple Safari for MAC (MacOS Sonoma) (18.6)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234