CVE-2019-8743
published 2019-12-18CVE-2019-8743: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content…
PriorityP348high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
1.57%
72.4th percentile
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | icloud_for_windows | — | — |
| apple | icloud_for_windows | — | — |
| apple | ios_13.1_and_ipados | — | — |
| apple | itunes_12.10.1_for_windows | — | — |
| apple | safari | — | — |
| apple | tvos | — | — |
| apple | watchos | < 6.1 | 6.1 |
| apple | watchos | — | — |
| apple | watchos | >= unspecified < watchOS 6.1 | watchOS 6.1 |
| debian | webkit2gtk | < webkit2gtk 2.26.0-1 (bookworm) | webkit2gtk 2.26.0-1 (bookworm) |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv8.8HIGH
vendor_debian8.8HIGH
vendor_redhat8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
vendor_redhat·2019-11-08·CVSS 8.8
CVE-2019-8743 [HIGH] webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
webkitgtk: Multiple memory corruption issues leading to arbitrary code execution
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.
Package: webkitgtk (Red Hat Enterprise Linux 6) - Out of support scope
Package: webkitgtk3 (Red Hat Enterprise Linux 7) - Will not fix
Apple
CVE-2019-8743: watchOS 6.1
vendor_apple·2019-10-29·CVSS 8.8
CVE-2019-8743 [HIGH] CVE-2019-8743: watchOS 6.1
Apple Security Update: About the security content of watchOS 6.1
Product: watchOS
Version: 6.1
CVE: CVE-2019-8743
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
Apple
CVE-2019-8743: iCloud for Windows 7.14
vendor_apple·2019-10-07·CVSS 8.8
CVE-2019-8743 [HIGH] CVE-2019-8743: iCloud for Windows 7.14
Apple Security Update: About the security content of iCloud for Windows 7.14
Product: iCloud for Windows
Version: 7.14
CVE: CVE-2019-8743
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
Apple
CVE-2019-8743: iTunes 12.10.1 for Windows
vendor_apple·2019-10-07·CVSS 8.8
CVE-2019-8743 [HIGH] CVE-2019-8743: iTunes 12.10.1 for Windows
Apple Security Update: About the security content of iTunes 12.10.1 for Windows
Product: iTunes 12.10.1 for Windows
CVE: CVE-2019-8743
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
Apple
CVE-2019-8743: iCloud for Windows 10.7
vendor_apple·2019-10-07·CVSS 8.8
CVE-2019-8743 [HIGH] CVE-2019-8743: iCloud for Windows 10.7
Apple Security Update: About the security content of iCloud for Windows 10.7
Product: iCloud for Windows
Version: 10.7
CVE: CVE-2019-8743
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
Apple
CVE-2019-8743: iOS 13.1 and iPadOS 13.1
vendor_apple·2019-09-24·CVSS 8.8
CVE-2019-8743 [HIGH] CVE-2019-8743: iOS 13.1 and iPadOS 13.1
Apple Security Update: About the security content of iOS 13.1 and iPadOS 13.1
Product: iOS 13.1 and iPadOS
Version: 13.1
CVE: CVE-2019-8743
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
Apple
CVE-2019-8743: Safari 13.0.1
vendor_apple·2019-09-24·CVSS 8.8
CVE-2019-8743 [HIGH] CVE-2019-8743: Safari 13.0.1
Apple Security Update: About the security content of Safari 13.0.1
Product: Safari
Version: 13.0.1
CVE: CVE-2019-8743
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
Apple
CVE-2019-8743: tvOS 13
vendor_apple·2019-09-24·CVSS 8.8
CVE-2019-8743 [HIGH] CVE-2019-8743: tvOS 13
Apple Security Update: About the security content of tvOS 13
Product: tvOS
Version: 13
CVE: CVE-2019-8743
Component: WebKit
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
Debian
CVE-2019-8743: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ...
vendor_debian·2019·CVSS 8.8
CVE-2019-8743 [HIGH] CVE-2019-8743: webkit2gtk - Multiple memory corruption issues were addressed with improved memory handling. ...
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.
Scope: local
bookworm: resolved (fixed in 2.26.0-1)
bullseye: resolved (fixed in 2.26.0-1)
forky: resolved (fixed in 2.26.0-1)
sid: resolved (fixed in 2.26.0-1)
trixie: resolved (fixed in 2.26.0-1)
GHSA
GHSA-vwxq-9822-h934: Multiple memory corruption issues were addressed with improved memory handling
ghsa_unreviewed·2022-05-24
CVE-2019-8743 [MEDIUM] CWE-119 GHSA-vwxq-9822-h934: Multiple memory corruption issues were addressed with improved memory handling
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.
OSV
CVE-2019-8743: Multiple memory corruption issues were addressed with improved memory handling
osv·2019-12-18·CVSS 8.8
CVE-2019-8743 [HIGH] CVE-2019-8743: Multiple memory corruption issues were addressed with improved memory handling
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.
No detection rules found.
No public exploits indexed.
2019-12-18
Published