cbcvebase.
CVE-2019-6217
published 2019-03-05

CVE-2019-6217: Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3…

PriorityP348high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
EPSS
1.84%
76.4th percentile
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary code execution.

Affected

19 ranges
VendorProductVersion rangeFixed in
appleicloud< 7.107.10
appleicloud_for_windows
appleicloud_for_windows>= unspecified < iCloud for Windows 7.10iCloud for Windows 7.10
appleios
appleios>= unspecified < iOS 12.1.3iOS 12.1.3
appleiphone_os< 12.1.312.1.3
appleitunes< 12.9.312.9.3
appleitunes_12.9.3_for_windows
appleitunes_for_windows>= unspecified < iTunes 12.9.3 for WindowsiTunes 12.9.3 for Windows
applesafari< 12.0.312.0.3
applesafari
applesafari>= unspecified < Safari 12.0.3Safari 12.0.3
appletvos< 12.1.212.1.2
appletvos
appletvos>= unspecified < tvOS 12.1.2tvOS 12.1.2
applewatchos< 5.1.35.1.3
applewatchos
applewatchos>= unspecified < watchOS 5.1.3watchOS 5.1.3
debianwebkit2gtk< webkit2gtk 2.22.5-1 (bookworm)webkit2gtk 2.22.5-1 (bookworm)

CVSS provenance

nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv8.8HIGH
vendor_debian8.8LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.