Apple Ios 13.2 And Ipados vulnerabilities

CVE-2019-8786 [HIGH] CVE-2019-8786: iOS 13.2 and iPadOS 13.2 Apple Security Update: About the security content of iOS 13.2 and iPadOS 13.2 Product: iOS 13.2 and iPadOS Version: 13.2 CVE: CVE-2019-8786 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2019-8815 [HIGH] CVE-2019-8815: iOS 13.2 and iPadOS 13.2 Apple Security Update: About the security content of iOS 13.2 and iPadOS 13.2 Product: iOS 13.2 and iPadOS Version: 13.2 CVE: CVE-2019-8815 Component: WebKit Process Model Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2019-8796 [MEDIUM] CVE-2019-8796: iOS 13.2 and iPadOS 13.2 Apple Security Update: About the security content of iOS 13.2 and iPadOS 13.2 Product: iOS 13.2 and iPadOS Version: 13.2 CVE: CVE-2019-8796 Component: AirDrop Impact: AirDrop transfers may be unexpectedly accepted while in Everyone mode Description: A logic issue was addressed with improved validation.

CVE-2019-8793 [MEDIUM] CVE-2019-8793: iOS 13.2 and iPadOS 13.2 Apple Security Update: About the security content of iOS 13.2 and iPadOS 13.2 Product: iOS 13.2 and iPadOS Version: 13.2 CVE: CVE-2019-8793 Component: Screen Recording Impact: A local user may be able to record the screen without a visible screen recording indicator Description: A consistency issue existed in deciding when to show the screen recording indicator. The issue was resolved with improved state management.

CVE-2019-8794 [MEDIUM] CVE-2019-8794: iOS 13.2 and iPadOS 13.2 Apple Security Update: About the security content of iOS 13.2 and iPadOS 13.2 Product: iOS 13.2 and iPadOS Version: 13.2 CVE: CVE-2019-8794 Component: Kernel Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization.

CVE-2017-7152 [MEDIUM] CVE-2017-7152: iOS 13.2 and iPadOS 13.2 Apple Security Update: About the security content of iOS 13.2 and iPadOS 13.2 Product: iOS 13.2 and iPadOS Version: 13.2 CVE: CVE-2017-7152 Component: Contacts Impact: Processing a maliciously contact may lead to UI spoofing Description: An inconsistent user interface issue was addressed with improved state management.

CVE-2019-8789 [MEDIUM] CVE-2019-8789: iOS 13.2 and iPadOS 13.2 Apple Security Update: About the security content of iOS 13.2 and iPadOS 13.2 Product: iOS 13.2 and iPadOS Version: 13.2 CVE: CVE-2019-8789 Component: Books Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information Description: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.

CVE-2019-8827 [MEDIUM] CVE-2019-8827: iOS 13.2 and iPadOS 13.2 Apple Security Update: About the security content of iOS 13.2 and iPadOS 13.2 Product: iOS 13.2 and iPadOS Version: 13.2 CVE: CVE-2019-8827 Component: WebKit Impact: Visiting a maliciously crafted website may reveal the sites a user has visited Description: The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin.

CVE-2019-8813 [MEDIUM] CVE-2019-8813: iOS 13.2 and iPadOS 13.2 Apple Security Update: About the security content of iOS 13.2 and iPadOS 13.2 Product: iOS 13.2 and iPadOS Version: 13.2 CVE: CVE-2019-8813 Component: WebKit Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management.

CVE-2019-8798 [MEDIUM] CVE-2019-8798: iOS 13.2 and iPadOS 13.2 Apple Security Update: About the security content of iOS 13.2 and iPadOS 13.2 Product: iOS 13.2 and iPadOS Version: 13.2 CVE: CVE-2019-8798 Component: File System Events Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2019-8804 [MEDIUM] CVE-2019-8804: iOS 13.2 and iPadOS 13.2 Apple Security Update: About the security content of iOS 13.2 and iPadOS 13.2 Product: iOS 13.2 and iPadOS Version: 13.2 CVE: CVE-2019-8804 Component: Setup Assistant Impact: An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup Description: An inconsistency in Wi-Fi network configuration settings was addressed.

CVE-2019-15126 [LOW] CVE-2019-15126: iOS 13.2 and iPadOS 13.2 Apple Security Update: About the security content of iOS 13.2 and iPadOS 13.2 Product: iOS 13.2 and iPadOS Version: 13.2 CVE: CVE-2019-15126 Component: Wi-Fi Impact: An attacker in Wi-Fi range may be able to view a small amount of network traffic Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.