| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 07 Oct 2019 13:35:52 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2019-10-07-4 iCloud for Windows 7.14 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-10-07-4 iCloud for Windows 7.14 iCloud for Windows 7.14 is now available and addresses the following: UIFoundation Available for: Windows 7 and later Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A buffer overflow was addressed with improved bounds checking. CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management. CVE-2019-8625: Sergei Glazunov of Google Project Zero CVE-2019-8719: Sergei Glazunov of Google Project Zero WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2019-8707: an anonymous researcher working with Trend Micro's Zero Day Initiative, cc working with Trend Micro Zero Day Initiative CVE-2019-8726: Jihui Lu of Tencent KeenLab CVE-2019-8733: Sergei Glazunov of Google Project Zero CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative CVE-2019-8763: Sergei Glazunov of Google Project Zero Additional recognition Software Update We would like to acknowledge Michael Gorelik (@smgoreli) of Morphisec (morphisec.com) for their assistance. WebKit We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) and Zhihua Yao of DBAPPSecurity Zion Lab for their assistance. Installation note: iCloud for Windows 7.14 may be obtained from: https://support.apple.com/HT204283 Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2biHQpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQBz4uGe3y0M3Dgg/+ P2NmrMl2vitEZahXFgLHPpOcQ07iR+iIQwGRLE9fJeN07Px026NfExuM0VxUpIDw Op0yjOalD8Bp8dxLVWqae+omTQib5m2bq9QSX0SyNrWu0tnuD8P1IBqcV+teihYF tEIdpMrTniGn3Zdt2En5F2Rgi2dpq4JOF0BeZ6EsNRHY2T4kY1sd7gbHQVfrMDNR zFECWwYYSPIYvHIDNKOEpjj2CwTeVEmATGYm8aFWDWSw+Q2OibqbHUG0eB1LNUtk SESlysSt24xqhy5QrAdrFNKEIvHXeRLD+0eSf23zvYD1F5UnINpEeUNx50CLRS5D ZyCI7K65P2lP4kVmmWtAd3OvLJyp6uc4XKrhomzGJFdxENWq5fv7q+XYwC6cctrK XmfGKkdf2fYE8/o4NCmOvrKYnMcy/t1QeqFyMlMaDSCEE2FE2j7suEKUUhMpJ5HM N7Y5jRa8fJh6pnrlsTnU/yoJ9VPNb26Y/Rt4qYylKcOHgSvpKnP7u4cyF7nF05Um AIlPld8Zi0irJscfOxnxDOaN37oEEiEXT0RA9ruVgSCItgHXxACoZ6kwSiUeX0N8 PcIjA95bhLUhCDJYdyanMxElbWvOZTJMbOeGn6O2aVHoscF3ekHWJ51EXXHj+GyT 103UsSxKw+paXT2Wwn/n/ZBsY+SRStAqnJSRiCznwz4= =GzM4 -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists