5.5

CVE-2019-6209

Exploit
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleiPhone OS Version < 12.1.3
ApplemacOS X Version < 10.14.3
AppletvOS Version < 12.1.2
ApplewatchOS Version < 5.1.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.69% 0.883
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://support.apple.com/HT209443
Vendor Advisory
https://support.apple.com/HT209446
Vendor Advisory
https://support.apple.com/HT209447
Vendor Advisory
https://support.apple.com/HT209448
Vendor Advisory
http://www.securityfocus.com/bid/106739
Third Party Advisory
https://www.exploit-db.com/exploits/46285/
Third Party Advisory
Exploit