Home

CVE-2019-8558

Description

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execution.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
14.663

Associated Vulnerability

VulnerabilityOS Platform
Apple iTunes (X64) (12.9.4.102)Windows
iCloud (7.11.0.19)Windows
Multiple Vulnerabilities are affected in Apple iTunes (X64) 12.9.3Windows
Multiple Vulnerabilities are affected in Apple iTunes 12.9.3Windows
Multiple Vulnerabilities are affected in Apple Safari for MAC 12.0.3Mac
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-2.28.2-2.el7.i686.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-2.28.2-2.el7.x86_64.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-devel-2.28.2-2.el7.i686.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-devel-2.28.2-2.el7.x86_64.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-doc-2.28.2-2.el7.noarch.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-2.28.2-2.el7.i686.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpmLinux
(RHSA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-2.28.2-2.el7.i686.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-devel-2.28.2-2.el7.i686.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-2.28.2-2.el7.i686.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-devel-2.28.2-2.el7.i686.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-2.28.2-2.el7.x86_64.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-devel-2.28.2-2.el7.x86_64.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-doc-2.28.2-2.el7.noarch.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-2.28.2-2.el7.x86_64.rpmLinux
(CESA-2020:4035) webkitgtk4 security, bug fix, and enhancement update webkitgtk4-jsc-devel-2.28.2-2.el7.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libjavascriptcoregtk-4_0-18-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libjavascriptcoregtk-4_0-18-debuginfo-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk-4_0-37-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk-4_0-37-debuginfo-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) libwebkit2gtk3-lang-2.34.3-2.82.1.noarch.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-JavaScriptCore-4_0-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-WebKit2-4_0-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) typelib-1_0-WebKit2WebExtension-4_0-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk-4_0-injected-bundles-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk-4_0-injected-bundles-debuginfo-2.34.3-2.82.1.x86_64.rpmLinux
SUSE-SU-2022:0142-1(SUSE Linux Enterprise Server 12-SP5 ) webkit2gtk3-debugsource-2.34.3-2.82.1.x86_64.rpmLinux
GNOME security, bug fix, and enhancement update (RLSA-2019:3553) pidgin-2.13.0-5.el8.x86_64.rpmLinux
GNOME security, bug fix, and enhancement update (RLSA-2019:3553) libpurple-2.13.0-5.el8.i686.rpmLinux
GNOME security, bug fix, and enhancement update (RLSA-2019:3553) libpurple-2.13.0-5.el8.x86_64.rpmLinux
GNOME security, bug fix, and enhancement update (RLSA-2019:3553) gdk-pixbuf2-2.36.12-5.el8.i686.rpmLinux
GNOME security, bug fix, and enhancement update (RLSA-2019:3553) gdk-pixbuf2-2.36.12-5.el8.x86_64.rpmLinux
GNOME security, bug fix, and enhancement update (RLSA-2019:3553) gnome-desktop3-3.32.2-1.el8.i686.rpmLinux
GNOME security, bug fix, and enhancement update (RLSA-2019:3553) gnome-desktop3-3.32.2-1.el8.x86_64.rpmLinux
GNOME security, bug fix, and enhancement update (RLSA-2019:3553) gdk-pixbuf2-devel-2.36.12-5.el8.i686.rpmLinux
GNOME security, bug fix, and enhancement update (RLSA-2019:3553) gdk-pixbuf2-devel-2.36.12-5.el8.x86_64.rpmLinux
GNOME security, bug fix, and enhancement update (RLSA-2019:3553) gdk-pixbuf2-modules-2.36.12-5.el8.i686.rpmLinux
GNOME security, bug fix, and enhancement update (RLSA-2019:3553) gdk-pixbuf2-modules-2.36.12-5.el8.x86_64.rpmLinux
GNOME security, bug fix, and enhancement update (RLSA-2019:3553) gnome-desktop3-devel-3.32.2-1.el8.i686.rpmLinux
GNOME security, bug fix, and enhancement update (RLSA-2019:3553) gnome-desktop3-devel-3.32.2-1.el8.x86_64.rpmLinux
Low: GNOME security, bug fix, and enhancement update pidgin-2.13.0-5.el8.x86_64.rpmLinux
Low: GNOME security, bug fix, and enhancement update libpurple-2.13.0-5.el8.i686.rpmLinux
Low: GNOME security, bug fix, and enhancement update libpurple-2.13.0-5.el8.x86_64.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-309323Apple iTunes (X64) (12.9.4.102)
PATCH-309326iCloud (7.11.0.19)
PATCH-611604Apple Safari for MAC (MacOS Sonoma) (18.6)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234