Published: 05/03/2019 Updated: 06/03/2019

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple iphone os
apple mac os x
apple tv os
apple watchos

There is a memory corruption issue that occurs when processing a malformed RTP video stream in FaceTime It appears to be related to processing textures * thread #7, stop reason = EXC_BAD_ACCESS (code=EXC_I386_GPFLT) * frame #0: 0x00007fff56baaa92 CoreVideo`CVMetalTextureBacking::releaseBackingUsage() + 20 frame #1: 0x00007fff56bae4c4 CoreV ...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-1-22-2 macOS Mojave 10143, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra macOS Mojave 10143, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra are now available and addresses the following: AppleKeyStore Available for: macOS Mojave 1014 ...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-1-22-4 tvOS 1212 tvOS 1212 is now available and addresses the following: AppleKeyStore Available for: Apple TV 4K and Apple TV (4th generation) Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A memory corruption issue was addressed with impr ...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-1-22-1 iOS 1213 iOS 1213 is now available and addresses the following: AppleKeyStore Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A memory corruption is ...

Plug in your iPhone, iPad, iPod, fire up the App Store: You have new Apple patches to install

The Register • Shaun Nichols in San Francisco • 23 Jan 2019

Open the door, get on the floor – not so fast if you've an iPhone 4 Old bugs, new bugs, red bugs … yes, it's Oracle mega-update day again

Apple has emitted a handful of software patches to address security vulnerabilities in iOS, macOS, and various peripherals. The round of updates includes a number of fixes for critical flaws in WebKit, FaceTime, and Mac and iThing kernels. For iOS handhelds, the update is billed as iOS 12.1.3. It applies to iPhone 5s and newer, iPad Air and newer, and iPod Touch 6th generation devices. Fixes for the mobile OS include a man-in-the-middle code execution flaw over Bluetooth (CVE-2019-6200), a remot...

CVE-2019-6224

Vulnerability Summary

Vulnerability Trend

Exploits

Mailing Lists

Recent Articles

References

Vulmon Search

About

Products

Connect