CVE-2019-7287

Known Exploited (CISA KEV)HIGH

7.8

CVSS Severity Score

EPSS Score86.0340%

EPSS Percentile97.23th

Published2019年12月18日

Last Modified2025年10月23日

Vulnerability Description

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges.

Affected Platforms (CPE)

💻

Apple

Iphone Os

< 12.1.4

References & Advisories

🔗 https://support.apple.com/HT209520

🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-7287

関連する脆弱性情報

CVE-2008-421110.0

Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iP...

CVE-2009-220410.0

Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitr...

CVE-2008-230310.0

Integer signedness error in Safari on Apple iPhone before 2.0 and iPod touch before 2.0 allows remote attackers to execute arbitra...

CVE-2010-111910.0

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on ...