cvelistv5 - CVE-2018-4249

CVE-2018-4249 (GCVE-0-2018-4249)

Vulnerability from cvelistv5 – Published: 2018-06-08 00:00 – Updated: 2024-08-05 05:11

Summary

Severity ?

No CVSS data available.

CWE

Assigner

apple

References

URL

Tags

	https://support.apple.com/HT208850
	https://support.apple.com/HT208851
	http://www.securitytracker.com/id/1041027	vdb-entry
	https://lgtm.com/blog/apple_xnu_packet_mangler_CV…
	https://support.apple.com/HT208848
	https://support.apple.com/HT208849
	http://packetstormsecurity.com/files/172828/Apple…

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:11:21.476Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208850"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208851"
          },
          {
            "name": "1041027",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041027"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lgtm.com/blog/apple_xnu_packet_mangler_CVE-2017-13904"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208848"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208849"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/172828/Apple-packet-mangler-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-12T00:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "url": "https://support.apple.com/HT208850"
        },
        {
          "url": "https://support.apple.com/HT208851"
        },
        {
          "name": "1041027",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1041027"
        },
        {
          "url": "https://lgtm.com/blog/apple_xnu_packet_mangler_CVE-2017-13904"
        },
        {
          "url": "https://support.apple.com/HT208848"
        },
        {
          "url": "https://support.apple.com/HT208849"
        },
        {
          "url": "http://packetstormsecurity.com/files/172828/Apple-packet-mangler-Remote-Code-Execution.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2018-4249",
    "datePublished": "2018-06-08T00:00:00",
    "dateReserved": "2018-01-02T00:00:00",
    "dateUpdated": "2024-08-05T05:11:21.476Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:apple_tv:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"11.4\", \"matchCriteriaId\": \"32DD3C5C-15D0-4664-BC27-E2B3C7BC672F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"11.4\", \"matchCriteriaId\": \"618A2297-91F6-4533-B345-1620635CDA93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"10.13.5\", \"matchCriteriaId\": \"B0B9799C-6891-4D51-9E17-92D1407740F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.3.1\", \"matchCriteriaId\": \"AF795052-9805-4CB7-8D94-C81DCABBFCCA\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the \\\"Kernel\\\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app.\"}, {\"lang\": \"es\", \"value\": \"Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.4, las versiones de macOS anteriores a la 10.13.5, las versiones de tvOS anteriores a la 11.4 y las versiones de watchOS anteriores a la 4.3.1 se han visto afectadas. El problema afecta a pktmnglr_ipfilter_input en com.apple.packet-mangler en el componente \\\"Kernel\\\". Permite a los atacantes ejecutar c\\u00f3digo arbitrario en un contexto privilegiado o provocar una denegaci\\u00f3n de servicio (desbordamiento de enteros y desbordamiento de b\\u00fafer basado en pila) mediante una app manipulada.\"}]",
      "id": "CVE-2018-4249",
      "lastModified": "2024-11-21T04:07:03.227",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2018-06-08T18:29:02.743",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/172828/Apple-packet-mangler-Remote-Code-Execution.html\", \"source\": \"product-security@apple.com\"}, {\"url\": \"http://www.securitytracker.com/id/1041027\", \"source\": \"product-security@apple.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://lgtm.com/blog/apple_xnu_packet_mangler_CVE-2017-13904\", \"source\": \"product-security@apple.com\", \"tags\": [\"Exploit\", \"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/HT208848\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT208849\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT208850\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT208851\", \"source\": \"product-security@apple.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/172828/Apple-packet-mangler-Remote-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1041027\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://lgtm.com/blog/apple_xnu_packet_mangler_CVE-2017-13904\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/HT208848\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT208849\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT208850\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.apple.com/HT208851\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "product-security@apple.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-190\"}, {\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-4249\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2018-06-08T18:29:02.743\",\"lastModified\":\"2024-11-21T04:07:03.227\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the \\\"Kernel\\\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.4, las versiones de macOS anteriores a la 10.13.5, las versiones de tvOS anteriores a la 11.4 y las versiones de watchOS anteriores a la 4.3.1 se han visto afectadas. El problema afecta a pktmnglr_ipfilter_input en com.apple.packet-mangler en el componente \\\"Kernel\\\". Permite a los atacantes ejecutar c\u00f3digo arbitrario en un contexto privilegiado o provocar una denegaci\u00f3n de servicio (desbordamiento de enteros y desbordamiento de b\u00fafer basado en pila) mediante una app manipulada.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"},{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:apple_tv:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.4\",\"matchCriteriaId\":\"32DD3C5C-15D0-4664-BC27-E2B3C7BC672F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.4\",\"matchCriteriaId\":\"618A2297-91F6-4533-B345-1620635CDA93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.13.5\",\"matchCriteriaId\":\"B0B9799C-6891-4D51-9E17-92D1407740F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.3.1\",\"matchCriteriaId\":\"AF795052-9805-4CB7-8D94-C81DCABBFCCA\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/172828/Apple-packet-mangler-Remote-Code-Execution.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.securitytracker.com/id/1041027\",\"source\":\"product-security@apple.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://lgtm.com/blog/apple_xnu_packet_mangler_CVE-2017-13904\",\"source\":\"product-security@apple.com\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/HT208848\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT208849\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT208850\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT208851\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/172828/Apple-packet-mangler-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1041027\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://lgtm.com/blog/apple_xnu_packet_mangler_CVE-2017-13904\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/HT208848\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT208849\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT208850\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.apple.com/HT208851\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

FKIE_CVE-2018-4249

Vulnerability from fkie_nvd - Published: 2018-06-08 18:29 - Updated: 2024-11-21 04:07

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
product-security@apple.com	http://packetstormsecurity.com/files/172828/Apple-packet-mangler-Remote-Code-Execution.html
product-security@apple.com	http://www.securitytracker.com/id/1041027	Third Party Advisory, VDB Entry
product-security@apple.com	https://lgtm.com/blog/apple_xnu_packet_mangler_CVE-2017-13904	Exploit, Mitigation, Third Party Advisory
product-security@apple.com	https://support.apple.com/HT208848	Vendor Advisory
product-security@apple.com	https://support.apple.com/HT208849	Vendor Advisory
product-security@apple.com	https://support.apple.com/HT208850	Vendor Advisory
product-security@apple.com	https://support.apple.com/HT208851	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/172828/Apple-packet-mangler-Remote-Code-Execution.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1041027	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://lgtm.com/blog/apple_xnu_packet_mangler_CVE-2017-13904	Exploit, Mitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT208848	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT208849	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT208850	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/HT208851	Vendor Advisory

Impacted products

Vendor	Product	Version
apple	apple_tv	*
apple	iphone_os	*
apple	mac_os_x	*
apple	watchos	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:apple_tv:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32DD3C5C-15D0-4664-BC27-E2B3C7BC672F",
              "versionEndExcluding": "11.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "618A2297-91F6-4533-B345-1620635CDA93",
              "versionEndExcluding": "11.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0B9799C-6891-4D51-9E17-92D1407740F9",
              "versionEndExcluding": "10.13.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF795052-9805-4CB7-8D94-C81DCABBFCCA",
              "versionEndExcluding": "4.3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto un problema en algunos productos Apple. Las versiones de iOS anteriores a la 11.4, las versiones de macOS anteriores a la 10.13.5, las versiones de tvOS anteriores a la 11.4 y las versiones de watchOS anteriores a la 4.3.1 se han visto afectadas. El problema afecta a pktmnglr_ipfilter_input en com.apple.packet-mangler en el componente \"Kernel\". Permite a los atacantes ejecutar c\u00f3digo arbitrario en un contexto privilegiado o provocar una denegaci\u00f3n de servicio (desbordamiento de enteros y desbordamiento de b\u00fafer basado en pila) mediante una app manipulada."
    }
  ],
  "id": "CVE-2018-4249",
  "lastModified": "2024-11-21T04:07:03.227",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-06-08T18:29:02.743",
  "references": [
    {
      "source": "product-security@apple.com",
      "url": "http://packetstormsecurity.com/files/172828/Apple-packet-mangler-Remote-Code-Execution.html"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041027"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Exploit",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://lgtm.com/blog/apple_xnu_packet_mangler_CVE-2017-13904"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT208848"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT208849"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT208850"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT208851"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://packetstormsecurity.com/files/172828/Apple-packet-mangler-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041027"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://lgtm.com/blog/apple_xnu_packet_mangler_CVE-2017-13904"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT208848"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT208849"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT208850"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/HT208851"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        },
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2018-12165

Vulnerability from cnvd - Published: 2018-06-27

Title

多款apple产品拒绝服务漏洞（CNVD-2018-12165）

Description

Apple iOS、macOS High Sierra、tvOS和watchOS都是美国苹果（Apple）公司的产品。Apple iOS是为移动设备所开发的一套操作系统；macOS High Sierra是一套专为Mac计算机所开发的专用操作系统；tvOS是一套智能电视操作系统；watchOS是一套智能手表操作系统。Kernel是其中的一个内核组件。多款apple产品中的com.apple.Packetmangler文件中的Kernel组件的com.apple.packet-mangler存在安全漏洞。攻击者可借助特制的应用程序利用该漏洞造成拒绝服务（整数溢出和栈缓冲区溢出）。

Severity

高

Patch Name

多款apple产品拒绝服务漏洞（CNVD-2018-12165）的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://support.apple.com/zh-cn/HT201222

Reference

https://support.apple.com/en-us/HT208849

Impacted products

Name
['Apple iOS <11.4', 'Apple macOS High Sierra <10.13.5', 'Apple tvOS <11.4', 'Apple watchOS <4.3.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-4249"
    }
  },
  "description": "Apple iOS\u3001macOS High Sierra\u3001tvOS\u548cwatchOS\u90fd\u662f\u7f8e\u56fd\u82f9\u679c\uff08Apple\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Apple iOS\u662f\u4e3a\u79fb\u52a8\u8bbe\u5907\u6240\u5f00\u53d1\u7684\u4e00\u5957\u64cd\u4f5c\u7cfb\u7edf\uff1bmacOS High Sierra\u662f\u4e00\u5957\u4e13\u4e3aMac\u8ba1\u7b97\u673a\u6240\u5f00\u53d1\u7684\u4e13\u7528\u64cd\u4f5c\u7cfb\u7edf\uff1btvOS\u662f\u4e00\u5957\u667a\u80fd\u7535\u89c6\u64cd\u4f5c\u7cfb\u7edf\uff1bwatchOS\u662f\u4e00\u5957\u667a\u80fd\u624b\u8868\u64cd\u4f5c\u7cfb\u7edf\u3002Kernel\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5185\u6838\u7ec4\u4ef6\u3002\r\n\r\n\u591a\u6b3eapple\u4ea7\u54c1\u4e2d\u7684com.apple.Packetmangler\u6587\u4ef6\u4e2d\u7684Kernel\u7ec4\u4ef6\u7684com.apple.packet-mangler\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u5e94\u7528\u7a0b\u5e8f\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u6574\u6570\u6ea2\u51fa\u548c\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\uff09\u3002",
  "discovererName": "Kevin Backhouse of Semmle Ltd.",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.apple.com/zh-cn/HT201222",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-12165",
  "openTime": "2018-06-27",
  "patchDescription": "Apple iOS\u3001macOS High Sierra\u3001tvOS\u548cwatchOS\u90fd\u662f\u7f8e\u56fd\u82f9\u679c\uff08Apple\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Apple iOS\u662f\u4e3a\u79fb\u52a8\u8bbe\u5907\u6240\u5f00\u53d1\u7684\u4e00\u5957\u64cd\u4f5c\u7cfb\u7edf\uff1bmacOS High Sierra\u662f\u4e00\u5957\u4e13\u4e3aMac\u8ba1\u7b97\u673a\u6240\u5f00\u53d1\u7684\u4e13\u7528\u64cd\u4f5c\u7cfb\u7edf\uff1btvOS\u662f\u4e00\u5957\u667a\u80fd\u7535\u89c6\u64cd\u4f5c\u7cfb\u7edf\uff1bwatchOS\u662f\u4e00\u5957\u667a\u80fd\u624b\u8868\u64cd\u4f5c\u7cfb\u7edf\u3002Kernel\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5185\u6838\u7ec4\u4ef6\u3002\r\n\r\n\u591a\u6b3eapple\u4ea7\u54c1\u4e2d\u7684com.apple.Packetmangler\u6587\u4ef6\u4e2d\u7684Kernel\u7ec4\u4ef6\u7684com.apple.packet-mangler\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u5e94\u7528\u7a0b\u5e8f\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u6574\u6570\u6ea2\u51fa\u548c\u6808\u7f13\u51b2\u533a\u6ea2\u51fa\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eapple\u4ea7\u54c1\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2018-12165\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Apple  iOS \u003c11.4",
      "Apple macOS High Sierra \u003c10.13.5",
      "Apple tvOS \u003c11.4",
      "Apple watchOS \u003c4.3.1"
    ]
  },
  "referenceLink": "https://support.apple.com/en-us/HT208849",
  "serverity": "\u9ad8",
  "submitTime": "2018-06-04",
  "title": "\u591a\u6b3eapple\u4ea7\u54c1\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2018-12165\uff09"
}

GHSA-H6QW-35GQ-32R3

Vulnerability from github – Published: 2022-05-13 01:20 – Updated: 2022-05-13 01:20

Details

Severity ?

7.8 (High)


                  
                    CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-4249"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-190",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-06-08T18:29:00Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app.",
  "id": "GHSA-h6qw-35gq-32r3",
  "modified": "2022-05-13T01:20:15Z",
  "published": "2022-05-13T01:20:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-4249"
    },
    {
      "type": "WEB",
      "url": "https://lgtm.com/blog/apple_xnu_packet_mangler_CVE-2017-13904"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT208848"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT208849"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT208850"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/HT208851"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/172828/Apple-packet-mangler-Remote-Code-Execution.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1041027"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2018-AVI-266

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	iCloud pour Windows versions antérieures à 7.5
Apple	Safari	Safari versions antérieures à 11.1.1
Apple	macOS	macOS High Sierra versions antérieures à 10.13.5
Apple	macOS	macOS Sierra sans le correctif de sécurité 2018-003
Apple	macOS	macOS El Capitan sans le correctif de sécurité 2018-003

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT208854 du 1 juin 2018	None	vendor-advisory
Bulletin de sécurité Apple HT208849 du 1 juin 2018	None	vendor-advisory
Bulletin de sécurité Apple HT208853 du 1 juin 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 7.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari versions ant\u00e9rieures \u00e0 11.1.1",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS High Sierra versions ant\u00e9rieures \u00e0 10.13.5",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sierra sans le correctif de s\u00e9curit\u00e9 2018-003",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS El Capitan sans le correctif de s\u00e9curit\u00e9 2018-003",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-4205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4205"
    },
    {
      "name": "CVE-2018-4253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4253"
    },
    {
      "name": "CVE-2018-4159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4159"
    },
    {
      "name": "CVE-2018-4229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4229"
    },
    {
      "name": "CVE-2018-4241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4241"
    },
    {
      "name": "CVE-2018-4198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4198"
    },
    {
      "name": "CVE-2018-4225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4225"
    },
    {
      "name": "CVE-2018-4214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4214"
    },
    {
      "name": "CVE-2018-4227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4227"
    },
    {
      "name": "CVE-2018-7584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7584"
    },
    {
      "name": "CVE-2018-4237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4237"
    },
    {
      "name": "CVE-2018-4201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4201"
    },
    {
      "name": "CVE-2018-4236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4236"
    },
    {
      "name": "CVE-2018-4200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4200"
    },
    {
      "name": "CVE-2018-4196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4196"
    },
    {
      "name": "CVE-2018-4240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4240"
    },
    {
      "name": "CVE-2018-4222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4222"
    },
    {
      "name": "CVE-2018-4233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4233"
    },
    {
      "name": "CVE-2018-4184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4184"
    },
    {
      "name": "CVE-2018-4249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4249"
    },
    {
      "name": "CVE-2018-4228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4228"
    },
    {
      "name": "CVE-2018-4219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4219"
    },
    {
      "name": "CVE-2018-4223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4223"
    },
    {
      "name": "CVE-2018-4221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4221"
    },
    {
      "name": "CVE-2018-4230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4230"
    },
    {
      "name": "CVE-2018-4192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4192"
    },
    {
      "name": "CVE-2018-4226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4226"
    },
    {
      "name": "CVE-2018-4218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4218"
    },
    {
      "name": "CVE-2018-4251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4251"
    },
    {
      "name": "CVE-2018-4171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4171"
    },
    {
      "name": "CVE-2018-4202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4202"
    },
    {
      "name": "CVE-2018-4188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4188"
    },
    {
      "name": "CVE-2018-8897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8897"
    },
    {
      "name": "CVE-2018-4232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4232"
    },
    {
      "name": "CVE-2018-4193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4193"
    },
    {
      "name": "CVE-2018-4211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4211"
    },
    {
      "name": "CVE-2018-4141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4141"
    },
    {
      "name": "CVE-2018-4246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4246"
    },
    {
      "name": "CVE-2018-4199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4199"
    },
    {
      "name": "CVE-2018-4242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4242"
    },
    {
      "name": "CVE-2018-4190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4190"
    },
    {
      "name": "CVE-2018-4243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4243"
    },
    {
      "name": "CVE-2018-4224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4224"
    },
    {
      "name": "CVE-2018-4235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4235"
    },
    {
      "name": "CVE-2018-4247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4247"
    },
    {
      "name": "CVE-2018-4234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4234"
    },
    {
      "name": "CVE-2018-4204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4204"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-266",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-06-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208854 du 1 juin 2018",
      "url": "https://support.apple.com/en-gb/HT208854"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208849 du 1 juin 2018",
      "url": "https://support.apple.com/en-gb/HT208849"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208853 du 1 juin 2018",
      "url": "https://support.apple.com/en-gb/HT208853"
    }
  ]
}

CERTFR-2018-AVI-266

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	iCloud pour Windows versions antérieures à 7.5
Apple	Safari	Safari versions antérieures à 11.1.1
Apple	macOS	macOS High Sierra versions antérieures à 10.13.5
Apple	macOS	macOS Sierra sans le correctif de sécurité 2018-003
Apple	macOS	macOS El Capitan sans le correctif de sécurité 2018-003

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT208854 du 1 juin 2018	None	vendor-advisory
Bulletin de sécurité Apple HT208849 du 1 juin 2018	None	vendor-advisory
Bulletin de sécurité Apple HT208853 du 1 juin 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 7.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Safari versions ant\u00e9rieures \u00e0 11.1.1",
      "product": {
        "name": "Safari",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS High Sierra versions ant\u00e9rieures \u00e0 10.13.5",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS Sierra sans le correctif de s\u00e9curit\u00e9 2018-003",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "macOS El Capitan sans le correctif de s\u00e9curit\u00e9 2018-003",
      "product": {
        "name": "macOS",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-4205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4205"
    },
    {
      "name": "CVE-2018-4253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4253"
    },
    {
      "name": "CVE-2018-4159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4159"
    },
    {
      "name": "CVE-2018-4229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4229"
    },
    {
      "name": "CVE-2018-4241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4241"
    },
    {
      "name": "CVE-2018-4198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4198"
    },
    {
      "name": "CVE-2018-4225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4225"
    },
    {
      "name": "CVE-2018-4214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4214"
    },
    {
      "name": "CVE-2018-4227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4227"
    },
    {
      "name": "CVE-2018-7584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7584"
    },
    {
      "name": "CVE-2018-4237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4237"
    },
    {
      "name": "CVE-2018-4201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4201"
    },
    {
      "name": "CVE-2018-4236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4236"
    },
    {
      "name": "CVE-2018-4200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4200"
    },
    {
      "name": "CVE-2018-4196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4196"
    },
    {
      "name": "CVE-2018-4240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4240"
    },
    {
      "name": "CVE-2018-4222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4222"
    },
    {
      "name": "CVE-2018-4233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4233"
    },
    {
      "name": "CVE-2018-4184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4184"
    },
    {
      "name": "CVE-2018-4249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4249"
    },
    {
      "name": "CVE-2018-4228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4228"
    },
    {
      "name": "CVE-2018-4219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4219"
    },
    {
      "name": "CVE-2018-4223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4223"
    },
    {
      "name": "CVE-2018-4221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4221"
    },
    {
      "name": "CVE-2018-4230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4230"
    },
    {
      "name": "CVE-2018-4192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4192"
    },
    {
      "name": "CVE-2018-4226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4226"
    },
    {
      "name": "CVE-2018-4218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4218"
    },
    {
      "name": "CVE-2018-4251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4251"
    },
    {
      "name": "CVE-2018-4171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4171"
    },
    {
      "name": "CVE-2018-4202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4202"
    },
    {
      "name": "CVE-2018-4188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4188"
    },
    {
      "name": "CVE-2018-8897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8897"
    },
    {
      "name": "CVE-2018-4232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4232"
    },
    {
      "name": "CVE-2018-4193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4193"
    },
    {
      "name": "CVE-2018-4211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4211"
    },
    {
      "name": "CVE-2018-4141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4141"
    },
    {
      "name": "CVE-2018-4246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4246"
    },
    {
      "name": "CVE-2018-4199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4199"
    },
    {
      "name": "CVE-2018-4242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4242"
    },
    {
      "name": "CVE-2018-4190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4190"
    },
    {
      "name": "CVE-2018-4243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4243"
    },
    {
      "name": "CVE-2018-4224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4224"
    },
    {
      "name": "CVE-2018-4235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4235"
    },
    {
      "name": "CVE-2018-4247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4247"
    },
    {
      "name": "CVE-2018-4234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4234"
    },
    {
      "name": "CVE-2018-4204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-4204"
    }
  ],
  "links": [],
  "reference": "CERTFR-2018-AVI-266",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-06-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208854 du 1 juin 2018",
      "url": "https://support.apple.com/en-gb/HT208854"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208849 du 1 juin 2018",
      "url": "https://support.apple.com/en-gb/HT208849"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT208853 du 1 juin 2018",
      "url": "https://support.apple.com/en-gb/HT208853"
    }
  ]
}

VAR-201806-1451

Vulnerability from variot - Updated: 2023-12-18 11:30

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app. Apple iOS, macOS High Sierra, tvOS, and watchOS are all products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices; macOS High Sierra is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. The com.apple.packet-mangler of the Kernel component in the com.apple.Packetmangler file in several Apple products has a security vulnerability. The following products and versions are affected: Apple iOS prior to 11.4; macOS High Sierra prior to 10.13.5; tvOS prior to 11.4; watchOS prior to 4.3.1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

APPLE-SA-2018-7-23-2 Additional information for APPLE-SA-2018-06-01-1 macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan

macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, and Security Update 2018-003 El Capitan address the following:

Accessibility Framework Available for: macOS High Sierra 10.13.4 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An information disclosure issue existed in Accessibility Framework. This issue was addressed with improved memory management. CVE-2018-4196: G. Geshev working with Trend Micro's Zero Day Initiative, an anonymous researcher

AMD Available for: macOS High Sierra 10.13.4 Impact: A local user may be able to read kernel memory Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. CVE-2018-4253: shrek_wzw of Qihoo 360 Nirvan Team

apache_mod_php Available for: macOS High Sierra 10.13.4 Impact: Issues in php were addressed in this update Description: This issue was addressed by updating to php version 7.1.16. CVE-2018-7584: Wei Lei and Liu Yang of Nanyang Technological University

ATS Available for: macOS High Sierra 10.13.4 Impact: A malicious application may be able to elevate privileges Description: A type confusion issue was addressed with improved memory handling. CVE-2018-4219: Mohamed Ghannam (@_simo36)

Bluetooth Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6 Impact: A malicious application may be able to determine kernel memory layout. Description: An information disclosure issue existed in device properties. This issue was addressed with improved object management. CVE-2018-4171: shrek_wzw of Qihoo 360 Nirvan Team

Bluetooth Available for: MacBook Pro (Retina, 15-inch, Mid 2015), MacBook Pro (Retina, 15-inch, 2015), MacBook Pro (Retina, 13-inch, Early 2015), MacBook Pro (15-inch, 2017), MacBook Pro (15-inch, 2016), MacBook Pro (13-inch, Late 2016, Two Thunderbolt 3 Ports), MacBook Pro (13-inch, Late 2016, Four Thunderbolt 3 Ports), MacBook Pro (13-inch, 2017, Four Thunderbolt 3 Ports), MacBook (Retina, 12-inch, Early 2016), MacBook (Retina, 12-inch, Early 2015), MacBook (Retina, 12-inch, 2017), iMac Pro, iMac (Retina 5K, 27-inch, Late 2015), iMac (Retina 5K, 27-inch, 2017), iMac (Retina 4K, 21.5-inch, Late 2015), iMac (Retina 4K, 21.5-inch, 2017), iMac (21.5-inch, Late 2015), and iMac (21.5-inch, 2017) Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. CVE-2018-5383: Lior Neumann and Eli Biham Entry added July 23, 2018

Firmware Available for: macOS High Sierra 10.13.4 Impact: A malicious application with root privileges may be able to modify the EFI flash memory region Description: A device configuration issue was addressed with an updated configuration. CVE-2018-4251: Maxim Goryachy and Mark Ermolov

FontParser Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.4 Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2018-4211: Proteas of Qihoo 360 Nirvan Team

Grand Central Dispatch Available for: macOS High Sierra 10.13.4 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An issue existed in parsing entitlement plists. This issue was addressed with improved input validation. CVE-2018-4229: Jakob Rieck (@0xdead10cc) of the Security in Distributed Systems Group, University of Hamburg

Graphics Drivers Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.4 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4159: Axis and pjf of IceSword Lab of Qihoo 360

Hypervisor Available for: macOS High Sierra 10.13.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2018-4242: Zhuo Liang of Qihoo 360 Nirvan Team

iBooks Available for: macOS High Sierra 10.13.4 Impact: An attacker in a privileged network position may be able to spoof password prompts in iBooks Description: An input validation issue was addressed with improved input validation. CVE-2018-4202: Jerry Decime

Intel Graphics Driver Available for: macOS High Sierra 10.13.4 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4141: an anonymous researcher, Zhao Qixun (@S0rryMybad) of Qihoo 360 Vulcan Team

IOFireWireAVC Available for: macOS High Sierra 10.13.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2018-4228: Benjamin Gnahm (@mitp0sh) of Mentor Graphics

IOGraphics Available for: macOS High Sierra 10.13.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4236: Zhao Qixun(@S0rryMybad) of Qihoo 360 Vulcan Team

IOHIDFamily Available for: macOS High Sierra 10.13.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4234: Proteas of Qihoo 360 Nirvan Team

Kernel Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.4 Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2018-4249: Kevin Backhouse of Semmle Ltd.

Kernel Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: In some circumstances, some operating systems may not expect or properly handle an Intel architecture debug exception after certain instructions. The issue appears to be from an undocumented side effect of the instructions. An attacker might utilize this exception handling to gain access to Ring 0 and access sensitive memory or control operating system processes. CVE-2018-8897: Andy Lutomirski, Nick Peterson (linkedin.com/in/everdox) of Everdox Tech LLC

Kernel Available for: macOS High Sierra 10.13.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2018-4241: Ian Beer of Google Project Zero CVE-2018-4243: Ian Beer of Google Project Zero

libxpc Available for: macOS High Sierra 10.13.4 Impact: An application may be able to gain elevated privileges Description: A logic issue was addressed with improved validation. CVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro's Zero Day Initiative

Mail Available for: macOS High Sierra 10.13.4 Impact: An attacker may be able to exfiltrate the contents of S/MIME-encrypted e-mail Description: An issue existed in the handling of encrypted Mail. This issue was addressed with improved isolation of MIME in Mail. CVE-2018-4227: Damian Poddebniak of MA1/4nster University of Applied Sciences, Christian Dresen of MA1/4nster University of Applied Sciences , Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster University of Applied Sciences, Sebastian Schinzel of MA1/4nster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University Bochum

Messages Available for: macOS High Sierra 10.13.4 Impact: A local user may be able to conduct impersonation attacks Description: An injection issue was addressed with improved input validation. CVE-2018-4235: Anurodh Pokharel of Salesforce.com

Messages Available for: macOS High Sierra 10.13.4 Impact: Processing a maliciously crafted message may lead to a denial of service Description: This issue was addressed with improved message validation. CVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd

NVIDIA Graphics Drivers Available for: macOS High Sierra 10.13.4 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2018-4230: Ian Beer of Google Project Zero

Security Available for: macOS High Sierra 10.13.4 Impact: A local user may be able to read a persistent account identifier Description: An authorization issue was addressed with improved state management. CVE-2018-4223: Abraham Masri (@cheesecakeufo)

Security Available for: macOS High Sierra 10.13.4 Impact: Users may be tracked by malicious websites using client certificates Description: An issue existed in the handling of S-MIME certificaties. This issue was addressed with improved validation of S-MIME certificates. CVE-2018-4221: Damian Poddebniak of MA1/4nster University of Applied Sciences, Christian Dresen of MA1/4nster University of Applied Sciences , Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster University of Applied Sciences, Sebastian Schinzel of MA1/4nster University of Applied Sciences, Simon Friedberger of KU Leuven, Juraj Somorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr University Bochum

Security Available for: macOS High Sierra 10.13.4 Impact: A local user may be able to read a persistent device identifier Description: An authorization issue was addressed with improved state management. CVE-2018-4224: Abraham Masri (@cheesecakeufo)

Security Available for: macOS High Sierra 10.13.4 Impact: A local user may be able to modify the state of the Keychain Description: An authorization issue was addressed with improved state management. CVE-2018-4225: Abraham Masri (@cheesecakeufo)

Security Available for: macOS High Sierra 10.13.4 Impact: A local user may be able to view sensitive user information Description: An authorization issue was addressed with improved state management. CVE-2018-4226: Abraham Masri (@cheesecakeufo)

Speech Available for: macOS High Sierra 10.13.4 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A sandbox issue existed in the handling of microphone access. This issue was addressed with improved handling of microphone access. CVE-2018-4184: Jakob Rieck (@0xdead10cc) of the Security in Distributed Systems Group, University of Hamburg

UIKit Available for: macOS High Sierra 10.13.4 Impact: Processing a maliciously crafted text file may lead to a denial of service Description: A validation issue existed in the handling of text. This issue was addressed with improved validation of text. CVE-2018-4198: Hunter Byrnes

Windows Server Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.4 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4193: Markus Gaasedelen, Nick Burnett, and Patrick Biernat of Ret2 Systems, Inc working with Trend Micro's Zero Day Initiative, Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative

Installation note:

macOS High Sierra 10.13.5, Security Update 2018-003 Sierra, and Security Update 2018-003 El Capitan may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/

Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltUsfgACgkQ8ecVjteJ iCafWxAAhgLQIu5BifHdgdN31zuPc8tIhsIAuDiAOXJX9JopRhlbs9KrQCNdz/x2 qDiCmneKttwVIhu9Os3WHLNrSxiWCphz7zhD2WIhN3H7/eF9CE2Po8BJHeZGm22K grdfcc27eGN8AusFxRZ1HfhtCToDVNVDkbwO2nnZ0odEO1cZS8Ray2vcgcX0tRD/ X44amocIlVmC67GgwCH4+MSCdjyXcr6HSYiUcRSOuUFTWD3Q6FF3w5CfS6DMb3UO eUUJxExueT82InZHpL6qeuQprncqsJdtZqvK++YlAfMiFm6ePJHS4sQpvoxHIWv5 yDycGl0hc+pzO8icM1ayTFh8Ei+Txv69QKdUC8rTdiqvFh4/Le4dbh4rcmP3EXb5 JMaeIuuB7Pvvm2YXoRjz0HhIG6874lci7YX0fS/+IbkSuadd4F6TOiMnFNnO9IuC jvu9/f/+HA3e7meFA4Ori4TKW6UALPgpl9X6ohCzFDRVD7kHHmmWn4sCgcnovr8Q BJZCapHtS7cS6vGHk0auj2wLgeEUbyRGhI3F1WPIm/+e6y+cAiWqBmUBjVTOp5S+ KZEtw/BaRjFbgx97hwB+QA0AY8yzevAQMdyzqanUNhGCfWp3WfChUNESmRdrNUWy HDu7kphbN9EUETBHBEdA7ZE4qsP+70a6JTJ+SZ+7vB+YkrOabLU= =kM8d -----END PGP SIGNATURE----- . CVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils of MWR Labs working with Trend Micro's Zero Day Initiative

WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Visiting a maliciously crafted website may leak sensitive data Description: Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method. CVE-2018-4222: Natalie Silvanovich of Google Project Zero

Installation note:

Apple TV will periodically check for software updates.

Alternatively, on your watch, select "My Watch > General > About"

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201806-1451",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "watchos",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "4.3.1"
      },
      {
        "model": "mac os x",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.13.5"
      },
      {
        "model": "iphone os",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "11.4"
      },
      {
        "model": "tv",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "11.4"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "10.11.6"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "10.12.6"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "10.13.4"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "11.4   (ipad air or later )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "11.4   (iphone 5s or later )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "11.4   (ipod touch first  6 generation )"
      },
      {
        "model": "tvos",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "11.4   (apple tv 4k)"
      },
      {
        "model": "tvos",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "11.4   (apple tv first  4 generation )"
      },
      {
        "model": "watchos",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "4.3.1   (apple watch all models )"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.5.0"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.4"
      },
      {
        "model": "iphone os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "6.0.1"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.3.7"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.3.1"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.3.6"
      },
      {
        "model": "watchos",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.3.9"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.3.5"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.3.8"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005521"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4249"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-587"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.13.5",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:apple_tv:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.3.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-4249"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "148642"
      },
      {
        "db": "PACKETSTORM",
        "id": "148645"
      },
      {
        "db": "PACKETSTORM",
        "id": "148644"
      },
      {
        "db": "PACKETSTORM",
        "id": "148026"
      },
      {
        "db": "PACKETSTORM",
        "id": "148027"
      },
      {
        "db": "PACKETSTORM",
        "id": "148015"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2018-4249",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.3,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2018-4249",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-134280",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-4249",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-4249",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201806-587",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-134280",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-4249",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-134280"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-4249"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005521"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4249"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-587"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app. Apple iOS, macOS High Sierra, tvOS, and watchOS are all products of Apple Inc. in the United States. Apple iOS is an operating system developed for mobile devices; macOS High Sierra is a dedicated operating system developed for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system. The com.apple.packet-mangler of the Kernel component in the com.apple.Packetmangler file in several Apple products has a security vulnerability. The following products and versions are affected: Apple iOS prior to 11.4; macOS High Sierra prior to 10.13.5; tvOS prior to 11.4; watchOS prior to 4.3.1. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2018-7-23-2 Additional information for\nAPPLE-SA-2018-06-01-1 macOS High Sierra 10.13.5, Security Update\n2018-003 Sierra, Security Update 2018-003 El Capitan\n\nmacOS High Sierra 10.13.5, Security Update 2018-003 Sierra, and\nSecurity Update 2018-003 El Capitan address the following:\n\nAccessibility Framework\nAvailable for: macOS High Sierra 10.13.4\nImpact: A malicious application may be able to execute arbitrary code\nwith system privileges\nDescription: An information disclosure issue existed in Accessibility\nFramework. This issue was addressed with improved memory management. \nCVE-2018-4196: G. Geshev working with Trend Micro\u0027s Zero Day\nInitiative, an anonymous researcher\n\nAMD\nAvailable for: macOS High Sierra 10.13.4\nImpact: A local user may be able to read kernel memory\nDescription: An out-of-bounds read issue existed that led to the\ndisclosure of kernel memory. This was addressed with improved input\nvalidation. \nCVE-2018-4253: shrek_wzw of Qihoo 360 Nirvan Team\n\napache_mod_php\nAvailable for: macOS High Sierra 10.13.4\nImpact: Issues in php were addressed in this update\nDescription: This issue was addressed by updating to php version\n7.1.16. \nCVE-2018-7584: Wei Lei and Liu Yang of Nanyang Technological\nUniversity\n\nATS\nAvailable for: macOS High Sierra 10.13.4\nImpact: A malicious application may be able to elevate privileges\nDescription: A type confusion issue was addressed with improved\nmemory handling. \nCVE-2018-4219: Mohamed Ghannam (@_simo36)\n\nBluetooth\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6\nImpact: A malicious application may be able to determine kernel\nmemory layout. \nDescription: An information disclosure issue existed in device\nproperties. This issue was addressed with improved object management. \nCVE-2018-4171: shrek_wzw of Qihoo 360 Nirvan Team\n\nBluetooth\nAvailable for: MacBook Pro (Retina, 15-inch, Mid 2015), MacBook Pro\n(Retina, 15-inch, 2015), MacBook Pro (Retina, 13-inch, Early 2015),\nMacBook Pro (15-inch, 2017), MacBook Pro (15-inch, 2016),\nMacBook Pro (13-inch, Late 2016, Two Thunderbolt 3 Ports),\nMacBook Pro (13-inch, Late 2016, Four Thunderbolt 3 Ports),\nMacBook Pro (13-inch, 2017, Four Thunderbolt 3 Ports),\nMacBook (Retina, 12-inch, Early 2016), MacBook\n(Retina, 12-inch, Early 2015), MacBook (Retina, 12-inch, 2017),\niMac Pro, iMac (Retina 5K, 27-inch, Late 2015), iMac\n(Retina 5K, 27-inch, 2017), iMac (Retina 4K, 21.5-inch, Late 2015),\niMac (Retina 4K, 21.5-inch, 2017), iMac (21.5-inch, Late 2015), and\niMac (21.5-inch, 2017)\nImpact: An attacker in a privileged network position may be able to\nintercept Bluetooth traffic\nDescription: An input validation issue existed in Bluetooth. This\nissue was addressed with improved input validation. \nCVE-2018-5383: Lior Neumann and Eli Biham\nEntry added July 23, 2018\n\nFirmware\nAvailable for: macOS High Sierra 10.13.4\nImpact: A malicious application with root privileges may be able to\nmodify the EFI flash memory region\nDescription: A device configuration issue was addressed with an\nupdated configuration. \nCVE-2018-4251: Maxim Goryachy and Mark Ermolov\n\nFontParser\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS\nHigh Sierra 10.13.4\nImpact: Processing a maliciously crafted font file may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2018-4211: Proteas of Qihoo 360 Nirvan Team\n\nGrand Central Dispatch\nAvailable for: macOS High Sierra 10.13.4\nImpact: A sandboxed process may be able to circumvent sandbox\nrestrictions\nDescription: An issue existed in parsing entitlement plists. This\nissue was addressed with improved input validation. \nCVE-2018-4229: Jakob Rieck (@0xdead10cc) of the Security in\nDistributed Systems Group, University of Hamburg\n\nGraphics Drivers\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS\nHigh Sierra 10.13.4\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2018-4159: Axis and pjf of IceSword Lab of Qihoo 360\n\nHypervisor\nAvailable for: macOS High Sierra 10.13.4\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption vulnerability was addressed with\nimproved locking. \nCVE-2018-4242: Zhuo Liang of Qihoo 360 Nirvan Team\n\niBooks\nAvailable for: macOS High Sierra 10.13.4\nImpact: An attacker in a privileged network position may be able to\nspoof password prompts in iBooks\nDescription: An input validation issue was addressed with improved\ninput validation. \nCVE-2018-4202: Jerry Decime\n\nIntel Graphics Driver\nAvailable for: macOS High Sierra 10.13.4\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2018-4141: an anonymous researcher, Zhao Qixun (@S0rryMybad) of\nQihoo 360 Vulcan Team\n\nIOFireWireAVC\nAvailable for: macOS High Sierra 10.13.4\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A race condition was addressed with improved locking. \nCVE-2018-4228: Benjamin Gnahm (@mitp0sh) of Mentor Graphics\n\nIOGraphics\nAvailable for: macOS High Sierra 10.13.4\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4236: Zhao Qixun(@S0rryMybad) of Qihoo 360 Vulcan Team\n\nIOHIDFamily\nAvailable for: macOS High Sierra 10.13.4\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4234: Proteas of Qihoo 360 Nirvan Team\n\nKernel\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS\nHigh Sierra 10.13.4\nImpact: An attacker in a privileged position may be able to perform a\ndenial of service attack\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2018-4249: Kevin Backhouse of Semmle Ltd. \n\nKernel\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: In some circumstances, some operating systems may not\nexpect or properly handle an Intel architecture debug exception after\ncertain instructions. The issue appears to be from an undocumented\nside effect of the instructions. An attacker might utilize this\nexception handling to gain access to Ring 0 and access sensitive\nmemory or control operating system processes. \nCVE-2018-8897: Andy Lutomirski, Nick Peterson\n(linkedin.com/in/everdox) of Everdox Tech LLC\n\nKernel\nAvailable for: macOS High Sierra 10.13.4\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A buffer overflow was addressed with improved bounds\nchecking. \nCVE-2018-4241: Ian Beer of Google Project Zero\nCVE-2018-4243: Ian Beer of Google Project Zero\n\nlibxpc\nAvailable for: macOS High Sierra 10.13.4\nImpact: An application may be able to gain elevated privileges\nDescription: A logic issue was addressed with improved validation. \nCVE-2018-4237: Samuel GroA (@5aelo) working with Trend Micro\u0027s Zero\nDay Initiative\n\nMail\nAvailable for: macOS High Sierra 10.13.4\nImpact: An attacker may be able to exfiltrate the contents of\nS/MIME-encrypted e-mail\nDescription: An issue existed in the handling of encrypted Mail. This\nissue was addressed with improved isolation of MIME in Mail. \nCVE-2018-4227: Damian Poddebniak of MA1/4nster University of Applied\nSciences, Christian Dresen of MA1/4nster University of Applied Sciences\n, Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster\nUniversity of Applied Sciences, Sebastian Schinzel of MA1/4nster\nUniversity of Applied Sciences, Simon Friedberger of KU Leuven, Juraj\nSomorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr\nUniversity Bochum\n\nMessages\nAvailable for: macOS High Sierra 10.13.4\nImpact: A local user may be able to conduct impersonation attacks\nDescription: An injection issue was addressed with improved input\nvalidation. \nCVE-2018-4235: Anurodh Pokharel of Salesforce.com\n\nMessages\nAvailable for: macOS High Sierra 10.13.4\nImpact: Processing a maliciously crafted message may lead to a denial\nof service\nDescription: This issue was addressed with improved message\nvalidation. \nCVE-2018-4240: Sriram (@Sri_Hxor) of PrimeFort Pvt. Ltd\n\nNVIDIA Graphics Drivers\nAvailable for: macOS High Sierra 10.13.4\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A race condition was addressed with improved locking. \nCVE-2018-4230: Ian Beer of Google Project Zero\n\nSecurity\nAvailable for: macOS High Sierra 10.13.4\nImpact: A local user may be able to read a persistent account\nidentifier\nDescription: An authorization issue was addressed with improved state\nmanagement. \nCVE-2018-4223: Abraham Masri (@cheesecakeufo)\n\nSecurity\nAvailable for: macOS High Sierra 10.13.4\nImpact: Users may be tracked by malicious websites using client\ncertificates\nDescription: An issue existed in the handling of S-MIME\ncertificaties. This issue was addressed with improved validation of\nS-MIME certificates. \nCVE-2018-4221: Damian Poddebniak of MA1/4nster University of Applied\nSciences, Christian Dresen of MA1/4nster University of Applied Sciences\n, Jens MA1/4ller of Ruhr University Bochum, Fabian Ising of MA1/4nster\nUniversity of Applied Sciences, Sebastian Schinzel of MA1/4nster\nUniversity of Applied Sciences, Simon Friedberger of KU Leuven, Juraj\nSomorovsky of Ruhr University Bochum, JAPrg Schwenk of Ruhr\nUniversity Bochum\n\nSecurity\nAvailable for: macOS High Sierra 10.13.4\nImpact: A local user may be able to read a persistent device\nidentifier\nDescription: An authorization issue was addressed with improved state\nmanagement. \nCVE-2018-4224: Abraham Masri (@cheesecakeufo)\n\nSecurity\nAvailable for: macOS High Sierra 10.13.4\nImpact: A local user may be able to modify the state of the Keychain\nDescription: An authorization issue was addressed with improved state\nmanagement. \nCVE-2018-4225: Abraham Masri (@cheesecakeufo)\n\nSecurity\nAvailable for: macOS High Sierra 10.13.4\nImpact: A local user may be able to view sensitive user information\nDescription: An authorization issue was addressed with improved state\nmanagement. \nCVE-2018-4226: Abraham Masri (@cheesecakeufo)\n\nSpeech\nAvailable for: macOS High Sierra 10.13.4\nImpact: A sandboxed process may be able to circumvent sandbox\nrestrictions\nDescription: A sandbox issue existed in the handling of microphone\naccess. This issue was addressed with improved handling of microphone\naccess. \nCVE-2018-4184: Jakob Rieck (@0xdead10cc) of the Security in\nDistributed Systems Group, University of Hamburg\n\nUIKit\nAvailable for: macOS High Sierra 10.13.4\nImpact: Processing a maliciously crafted text file may lead to a\ndenial of service\nDescription: A validation issue existed in the handling of text. This\nissue was addressed with improved validation of text. \nCVE-2018-4198: Hunter Byrnes\n\nWindows Server\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS\nHigh Sierra 10.13.4\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4193: Markus Gaasedelen, Nick Burnett, and Patrick Biernat\nof Ret2 Systems, Inc working with Trend Micro\u0027s Zero Day Initiative,\nRichard Zhu (fluorescence) working with Trend Micro\u0027s Zero Day\nInitiative\n\nInstallation note:\n\nmacOS High Sierra 10.13.5, Security Update 2018-003 Sierra, and\nSecurity Update 2018-003 El Capitan may be obtained from the\nMac App Store or Apple\u0027s Software Downloads web site:\nhttps://support.apple.com/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltUsfgACgkQ8ecVjteJ\niCafWxAAhgLQIu5BifHdgdN31zuPc8tIhsIAuDiAOXJX9JopRhlbs9KrQCNdz/x2\nqDiCmneKttwVIhu9Os3WHLNrSxiWCphz7zhD2WIhN3H7/eF9CE2Po8BJHeZGm22K\ngrdfcc27eGN8AusFxRZ1HfhtCToDVNVDkbwO2nnZ0odEO1cZS8Ray2vcgcX0tRD/\nX44amocIlVmC67GgwCH4+MSCdjyXcr6HSYiUcRSOuUFTWD3Q6FF3w5CfS6DMb3UO\neUUJxExueT82InZHpL6qeuQprncqsJdtZqvK++YlAfMiFm6ePJHS4sQpvoxHIWv5\nyDycGl0hc+pzO8icM1ayTFh8Ei+Txv69QKdUC8rTdiqvFh4/Le4dbh4rcmP3EXb5\nJMaeIuuB7Pvvm2YXoRjz0HhIG6874lci7YX0fS/+IbkSuadd4F6TOiMnFNnO9IuC\njvu9/f/+HA3e7meFA4Ori4TKW6UALPgpl9X6ohCzFDRVD7kHHmmWn4sCgcnovr8Q\nBJZCapHtS7cS6vGHk0auj2wLgeEUbyRGhI3F1WPIm/+e6y+cAiWqBmUBjVTOp5S+\nKZEtw/BaRjFbgx97hwB+QA0AY8yzevAQMdyzqanUNhGCfWp3WfChUNESmRdrNUWy\nHDu7kphbN9EUETBHBEdA7ZE4qsP+70a6JTJ+SZ+7vB+YkrOabLU=\n=kM8d\n-----END PGP SIGNATURE-----\n. \nCVE-2018-4199: Alex Plaskett, Georgi Geshev, Fabi Beterke, and Nils\nof MWR Labs working with Trend Micro\u0027s Zero Day Initiative\n\nWebKit\nAvailable for: Apple TV 4K and Apple TV (4th generation)\nImpact: Visiting a maliciously crafted website may leak sensitive\ndata\nDescription: Credentials were unexpectedly sent when fetching CSS\nmask images. This was addressed by using a CORS-enabled fetch method. \nCVE-2018-4222: Natalie Silvanovich of Google Project Zero\n\nInstallation note:\n\nApple TV will periodically check for software updates. \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\"",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-4249"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005521"
      },
      {
        "db": "VULHUB",
        "id": "VHN-134280"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-4249"
      },
      {
        "db": "PACKETSTORM",
        "id": "148642"
      },
      {
        "db": "PACKETSTORM",
        "id": "148645"
      },
      {
        "db": "PACKETSTORM",
        "id": "148644"
      },
      {
        "db": "PACKETSTORM",
        "id": "148026"
      },
      {
        "db": "PACKETSTORM",
        "id": "148027"
      },
      {
        "db": "PACKETSTORM",
        "id": "148015"
      }
    ],
    "trust": 2.34
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-4249",
        "trust": 3.2
      },
      {
        "db": "SECTRACK",
        "id": "1041027",
        "trust": 1.8
      },
      {
        "db": "PACKETSTORM",
        "id": "172828",
        "trust": 1.7
      },
      {
        "db": "JVN",
        "id": "JVNVU98864649",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005521",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-587",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-134280",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-4249",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148642",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148645",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148644",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148026",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148027",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "148015",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-134280"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-4249"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005521"
      },
      {
        "db": "PACKETSTORM",
        "id": "148642"
      },
      {
        "db": "PACKETSTORM",
        "id": "148645"
      },
      {
        "db": "PACKETSTORM",
        "id": "148644"
      },
      {
        "db": "PACKETSTORM",
        "id": "148026"
      },
      {
        "db": "PACKETSTORM",
        "id": "148027"
      },
      {
        "db": "PACKETSTORM",
        "id": "148015"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4249"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-587"
      }
    ]
  },
  "id": "VAR-201806-1451",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-134280"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:30:41.705000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT208848",
        "trust": 0.8,
        "url": "https://support.apple.com/en-us/ht208848"
      },
      {
        "title": "HT208849",
        "trust": 0.8,
        "url": "https://support.apple.com/en-us/ht208849"
      },
      {
        "title": "HT208850",
        "trust": 0.8,
        "url": "https://support.apple.com/en-us/ht208850"
      },
      {
        "title": "HT208851",
        "trust": 0.8,
        "url": "https://support.apple.com/en-us/ht208851"
      },
      {
        "title": "HT208848",
        "trust": 0.8,
        "url": "https://support.apple.com/ja-jp/ht208848"
      },
      {
        "title": "HT208849",
        "trust": 0.8,
        "url": "https://support.apple.com/ja-jp/ht208849"
      },
      {
        "title": "HT208850",
        "trust": 0.8,
        "url": "https://support.apple.com/ja-jp/ht208850"
      },
      {
        "title": "HT208851",
        "trust": 0.8,
        "url": "https://support.apple.com/ja-jp/ht208851"
      },
      {
        "title": "Multiple Apple product Kernel Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=80781"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005521"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-587"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-190",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-119",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-134280"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005521"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4249"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://support.apple.com/ht208848"
      },
      {
        "trust": 1.8,
        "url": "https://support.apple.com/ht208849"
      },
      {
        "trust": 1.8,
        "url": "https://support.apple.com/ht208850"
      },
      {
        "trust": 1.8,
        "url": "https://support.apple.com/ht208851"
      },
      {
        "trust": 1.8,
        "url": "https://lgtm.com/blog/apple_xnu_packet_mangler_cve-2017-13904"
      },
      {
        "trust": 1.8,
        "url": "http://www.securitytracker.com/id/1041027"
      },
      {
        "trust": 1.7,
        "url": "http://packetstormsecurity.com/files/172828/apple-packet-mangler-remote-code-execution.html"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4249"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4249"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu98864649/index.html"
      },
      {
        "trust": 0.6,
        "url": "https://support.apple.com/kb/ht201222"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4235"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4243"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4224"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4198"
      },
      {
        "trust": 0.6,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4240"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4237"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4223"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4211"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4241"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4225"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4226"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4233"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4246"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4214"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4192"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4201"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4222"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4206"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4218"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4219"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4184"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4230"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4141"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4228"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4202"
      },
      {
        "trust": 0.2,
        "url": "https://support.apple.com/downloads/"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4196"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4229"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4234"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4159"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4193"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4221"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4236"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4242"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4227"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4171"
      },
      {
        "trust": 0.2,
        "url": "https://support.apple.com/kb/ht204641"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-5383"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4190"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4188"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4232"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4204"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4200"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-4199"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/787.html"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/190.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "http://seclists.org/fulldisclosure/2018/jul/83"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-134280"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-4249"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005521"
      },
      {
        "db": "PACKETSTORM",
        "id": "148642"
      },
      {
        "db": "PACKETSTORM",
        "id": "148645"
      },
      {
        "db": "PACKETSTORM",
        "id": "148644"
      },
      {
        "db": "PACKETSTORM",
        "id": "148026"
      },
      {
        "db": "PACKETSTORM",
        "id": "148027"
      },
      {
        "db": "PACKETSTORM",
        "id": "148015"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4249"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-587"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-134280"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-4249"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005521"
      },
      {
        "db": "PACKETSTORM",
        "id": "148642"
      },
      {
        "db": "PACKETSTORM",
        "id": "148645"
      },
      {
        "db": "PACKETSTORM",
        "id": "148644"
      },
      {
        "db": "PACKETSTORM",
        "id": "148026"
      },
      {
        "db": "PACKETSTORM",
        "id": "148027"
      },
      {
        "db": "PACKETSTORM",
        "id": "148015"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-4249"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-587"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-06-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-134280"
      },
      {
        "date": "2018-06-08T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-4249"
      },
      {
        "date": "2018-07-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005521"
      },
      {
        "date": "2018-07-23T13:02:22",
        "db": "PACKETSTORM",
        "id": "148642"
      },
      {
        "date": "2018-07-23T15:22:22",
        "db": "PACKETSTORM",
        "id": "148645"
      },
      {
        "date": "2018-07-23T14:04:44",
        "db": "PACKETSTORM",
        "id": "148644"
      },
      {
        "date": "2018-06-04T16:09:27",
        "db": "PACKETSTORM",
        "id": "148026"
      },
      {
        "date": "2018-06-04T16:10:01",
        "db": "PACKETSTORM",
        "id": "148027"
      },
      {
        "date": "2018-06-01T18:32:22",
        "db": "PACKETSTORM",
        "id": "148015"
      },
      {
        "date": "2018-06-08T18:29:02.743000",
        "db": "NVD",
        "id": "CVE-2018-4249"
      },
      {
        "date": "2018-06-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201806-587"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-08-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-134280"
      },
      {
        "date": "2023-06-12T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-4249"
      },
      {
        "date": "2018-07-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-005521"
      },
      {
        "date": "2023-06-12T07:15:10.247000",
        "db": "NVD",
        "id": "CVE-2018-4249"
      },
      {
        "date": "2023-06-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201806-587"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-587"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Apple Vulnerability in the kernel component of a product that allows arbitrary code execution in privileged contexts",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-005521"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "overflow, code execution",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "148642"
      },
      {
        "db": "PACKETSTORM",
        "id": "148645"
      },
      {
        "db": "PACKETSTORM",
        "id": "148644"
      },
      {
        "db": "PACKETSTORM",
        "id": "148026"
      },
      {
        "db": "PACKETSTORM",
        "id": "148027"
      },
      {
        "db": "PACKETSTORM",
        "id": "148015"
      }
    ],
    "trust": 0.6
  }
}

GSD-2018-4249

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-4249

Aliases

CVE-2018-4249

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-4249",
    "description": "An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app.",
    "id": "GSD-2018-4249"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-4249"
      ],
      "details": "An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app.",
      "id": "GSD-2018-4249",
      "modified": "2023-12-13T01:22:28.586372Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2018-4249",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://support.apple.com/HT208850",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT208850"
          },
          {
            "name": "https://support.apple.com/HT208851",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT208851"
          },
          {
            "name": "1041027",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1041027"
          },
          {
            "name": "https://lgtm.com/blog/apple_xnu_packet_mangler_CVE-2017-13904",
            "refsource": "MISC",
            "url": "https://lgtm.com/blog/apple_xnu_packet_mangler_CVE-2017-13904"
          },
          {
            "name": "https://support.apple.com/HT208848",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT208848"
          },
          {
            "name": "https://support.apple.com/HT208849",
            "refsource": "CONFIRM",
            "url": "https://support.apple.com/HT208849"
          },
          {
            "name": "http://packetstormsecurity.com/files/172828/Apple-packet-mangler-Remote-Code-Execution.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/172828/Apple-packet-mangler-Remote-Code-Execution.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.13.5",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:apple_tv:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "11.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.3.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2018-4249"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the \"Kernel\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                },
                {
                  "lang": "en",
                  "value": "CWE-190"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.apple.com/HT208851",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/HT208851"
            },
            {
              "name": "https://support.apple.com/HT208850",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/HT208850"
            },
            {
              "name": "https://support.apple.com/HT208849",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/HT208849"
            },
            {
              "name": "https://support.apple.com/HT208848",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.apple.com/HT208848"
            },
            {
              "name": "https://lgtm.com/blog/apple_xnu_packet_mangler_CVE-2017-13904",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Mitigation",
                "Third Party Advisory"
              ],
              "url": "https://lgtm.com/blog/apple_xnu_packet_mangler_CVE-2017-13904"
            },
            {
              "name": "1041027",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1041027"
            },
            {
              "name": "http://packetstormsecurity.com/files/172828/Apple-packet-mangler-Remote-Code-Execution.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://packetstormsecurity.com/files/172828/Apple-packet-mangler-Remote-Code-Execution.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-06-12T07:15Z",
      "publishedDate": "2018-06-08T18:29Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-4249 (GCVE-0-2018-4249)

FKIE_CVE-2018-4249

CNVD-2018-12165

GHSA-H6QW-35GQ-32R3

CERTFR-2018-AVI-266

Solution

CERTFR-2018-AVI-266

Solution

VAR-201806-1451

GSD-2018-4249

Tags

Sightings

Nomenclature