CVE-2019-6235

EPSS 2.1%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 2.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

04 Mar 2019Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3, iTunes 12.9.3 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.

Affected products

Apple · iOS Apple · iTunes for Windows Apple · macOS Apple · tvOS Apple · watchOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.apple.com/HT209443 https://support.apple.com/HT209446 https://support.apple.com/HT209447 https://support.apple.com/HT209448 https://support.apple.com/HT209450 http://www.securityfocus.com/bid/106724