CVE-2019-6211

HIGH

iPhone OS < 12.1.3 and macOS < 10.14.3 - Remote Code Execution via Malicious Web Content

Title source: llm
STIX 2.1

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3. Processing maliciously crafted web content may lead to arbitrary code execution.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT209446
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT209443

Scores

CVSS v3 8.8
EPSS 0.0121
EPSS Percentile 64.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (2)
apple/iphone_os < 12.1.3
apple/mac_os_x < 10.14.3
Published Mar 05, 2019
Tracked Since Feb 18, 2026