An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1, iTunes for Windows 12.9.5, iCloud for Windows 7.12. An application may be able to gain elevated privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple icloud |
||
apple itunes |
||
apple safari |
||
apple iphone os |
||
apple mac os x |
||
apple tvos |
||
apple watchos |
You've heard of ROP? Now get a load of QOP
DEF CON At the DEF CON hacking conference in Las Vegas on Saturday, infosec gurus from Check Point are scheduled to describe a technique for exploiting SQLite, a database used in applications across every major desktop and mobile operating system, to gain arbitrary code execution. In a technical summary provided to The Register ahead of their presentation, Check Point's Omer Gull sets out how he and his colleague Omri Herscovici developed techniques referred to as Query Hijacking and Query Orien...