Unrated severityNVD Advisory· Published Mar 5, 2019· Updated Aug 4, 2024

CVE-2019-6234

Description

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

Affected products

osv-coords18 versions
pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.0 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Enterprise%20Storage%204 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4 pkg:rpm/suse/webkit2gtk3&distro=SUSE%20OpenStack%20Cloud%207
< 2.22.6-lp150.2.12.1+ 17 more
- (no CPE)range: < 2.22.6-lp150.2.12.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-3.18.2
- (no CPE)range: < 2.22.6-3.18.2
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
- (no CPE)range: < 2.22.6-2.35.1
Apple Inc./tvOSv5
Range: unspecified
Apple Inc./Safariv5
Range: unspecified
Apple/iCloud for Windowsv5
Range: unspecified
Apple Inc./iOScpe-rescue
Range: unspecified
Apple/iTunes for Windowsv5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

security.gentoo.org/glsa/201903-12mitrevendor-advisoryx_refsource_GENTOO
www.securityfocus.com/bid/106691mitrevdb-entryx_refsource_BID
support.apple.com/HT209443mitrex_refsource_CONFIRM
support.apple.com/HT209447mitrex_refsource_CONFIRM
support.apple.com/HT209449mitrex_refsource_CONFIRM
support.apple.com/HT209450mitrex_refsource_CONFIRM
support.apple.com/HT209451mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000