![]() It succeeded macOS High Sierra and was followed by macOS Catalina. ![]() The operating system's name refers to the Mojave Desert, and is part of a series of California-themed names that began with OS X Mavericks. Mojave was announced at Apple's Worldwide Developers Conference on June 4, 2018, and was released to the public on September 24, 2018. This issue was addressed by adding a confirmation prompt.MacOS Mojave ( / m oʊ ˈ h ɑː v i, m ə-/ mo- HAH-vee version 10.14) is the fifteenth major release of macOS, Apple Inc.'s desktop operating system for Macintosh computers. Impact: An attacker may be able to exfiltrate the contents of an encrypted PDFĭescription: An issue existed in the handling of links in encrypted PDFs. Impact: A malicious application may be able to gain root privilegesĭescription: A validation issue was addressed with improved logic.ĬVE-2019-8802: Csaba Fitzl for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6 ![]() Impact: An application may be able to execute arbitrary code with kernel privilegesĬVE-2019-8709: derrek derrek added November 6, 2019 This was addressed with improved path searching.ĬVE-2019-8801: Hou JingYi of Qihoo 360 CERT Impact: Running the iTunes installer in an untrusted directory may result in arbitrary code executionĭescription: A dynamic library loading issue existed in iTunes setup. Impact: A local user may be able to cause unexpected system termination or read kernel memoryĭescription: An out-of-bounds read was addressed with improved bounds checking.ĬVE-2019-8759: another of 360 Nirvan Team Impact: Processing a malicious shader may result in unexpected application termination or arbitrary code executionĭescription: Multiple memory corruption issues were addressed with improved input validation.ĬVE-2018-12152: Piotr Bania of Cisco TalosĬVE-2018-12153: Piotr Bania of Cisco TalosĬVE-2018-12154: Piotr Bania of Cisco TalosĬVE-2019-8784: Vasiliy Vasilyev and Ilya Finogeev of Webinar, LLCĬVE-2019-8807: Yu Wang of Didi Research America Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code executionĭescription: An out-of-bounds read was addressed with improved input validation.ĬVE-2019-8746: natashenka and Samuel Groß of Google Project Zero working with Trend Micro's Zero Day InitiativeĪvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6 Impact: A malicious application may be able to elevate privilegesĭescription: This issue was addressed by removing the vulnerable code.ĬVE-2019-8509: CodeColorist of Ant-Financial LightYear LabsĪvailable for: macOS High Sierra 10.13.6, macOS Catalina 10.15ĬVE-2019-8798: ABC Research s.r.o. Impact: An attacker in a privileged position may be able to perform a denial of service attackĭescription: A denial of service issue was addressed with improved validation.ĬVE-2019-8737: Pawel Gocyla of ING Tech Poland () Impact: Processing a maliciously crafted string may lead to heap corruptionĭescription: A memory consumption issue was addressed with improved memory handling. Impact: An attacker in a privileged network position may be able to leak sensitive user informationĭescription: An input validation issue was addressed with improved input validation.ĬVE-2019-8736: Pawel Gocyla of ING Tech Poland () Impact: Processing a maliciously crafted audio file may lead to arbitrary code executionĭescription: A memory corruption issue was addressed with improved state management.ĬVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security LabĪvailable for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15ĬVE-2019-8785: Ian Beer of Google Project ZeroĬVE-2019-8797: 08Tc3wBB working with SSD Secure Disclosure This issue was addressed with improved input validation.ĬVE-2019-8788: Juha Lindstedt of Pakastin, Mirko Tanania, Rauli Rikama of Zero Keyboard Ltd Impact: Improper URL processing may lead to data exfiltrationĭescription: An issue existed in the parsing of URLs. Impact: An application may be able to execute arbitrary code with system privilegesĭescription: A memory corruption issue was addressed with improved memory handling.ĬVE-2019-8716: Zhiyi Zhang of Codesafe Team of Legendsec at Qi'anxin Group, Zhuo Liang of Qihoo 360 Vulcan Team Impact: An application may be able to read restricted memoryĭescription: A validation issue was addressed with improved input sanitization.Īvailable for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6 Impact: A local attacker may be able to login to the account of a previously logged in user without valid credentials.ĭescription: An authentication issue was addressed with improved state management.ĬVE-2019-8803: Kiyeon An, 차민규 (CHA Minkyu)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |