CVE-2019-8626: An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted…

CVE-2019-8626 [MEDIUM] CVE-2019-8626: watchOS 5.2.1 Apple Security Update: About the security content of watchOS 5.2.1 Product: watchOS Version: 5.2.1 CVE: CVE-2019-8626 Component: Mail Impact: Processing a maliciously crafted message may lead to a denial of service Description: An input validation issue was addressed with improved input validation.

CVE-2019-8626 [MEDIUM] CVE-2019-8626: iOS 12.3 Apple Security Update: About the security content of iOS 12.3 Product: iOS Version: 12.3 CVE: CVE-2019-8626 Component: Mail Impact: Processing a maliciously crafted message may lead to a denial of service Description: An input validation issue was addressed with improved input validation.

CVE-2019-8626 [MEDIUM] GHSA-mhx8-mm66-fhhv: An input validation issue was addressed with improved input validation An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service.

CVE-2019-8613 The Fully Remote Attack Surface of the iPhone - Project Zero Posted by Natalie Silvanovich, Project Zero While there have been several rumours and reports of fully remote vulnerabilities affecting the iPhone being used by attackers in the last couple of years, limited information is available about the technical details of these vulnerabilities, as well as the underlying attack surface they occur in. I investigated the remote, interaction-less attack surface of the iPhone, and found several serious vulnerabilities. Vulnerabilities are considered ‘remote’ when the attacker does not require any physical or network proximity to the target to be able to use the vulnerability. Remote vulnerabilities are described as ‘fully remote’, ‘interaction-less’ or ‘zero click’ when they do not require any physical interaction from the target to be exploited, an