var-201904-0756
Vulnerability from variot
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7. Apple From macOS An update for has been released.The potential impact depends on each vulnerability, but may be affected as follows: * Arbitrary code execution * information leak * Access restriction bypass. This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the handling of cookie data. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current user. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple macOS Mojave is a dedicated operating system developed for Mac computers. CFNetwork is one of the low-level, high-performance frameworks, which is an extension of BSD sockets (sockets). A buffer error vulnerability exists in the CFNetwork component of several Apple products. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2018-10-30-2 macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra
macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and Security Update 2018-005 Sierra are now available and address the following:
afpserver Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: A remote attacker may be able to attack AFP servers through HTTP clients Description: An input validation issue was addressed with improved input validation. CVE-2018-4415: Liang Zhuo working with Beyond Security's SecuriTeam Secure Disclosure
CoreCrypto Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: An attacker may be able to exploit a weakness in the Miller-Rabin primality test to incorrectly identify prime numbers Description: An issue existed in the method for determining prime numbers. CVE-2018-4423: an anonymous researcher
EFI Available for: macOS High Sierra 10.13.6 Impact: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis Description: An information disclosure issue was addressed with a microcode update. This ensures that older data read from recently-written-to addresses cannot be read via a speculative side-channel. CVE-2018-4331: Brandon Azad
Hypervisor Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6 Impact: Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis Description: An information disclosure issue was addressed by flushing the L1 data cache at the virtual machine entry. CVE-2018-3646: Baris Kasikci, Daniel Genkin, Ofir Weisse, and Thomas F. CVE-2018-4424: Dr. CVE-2018-4310: CodeColorist of Ant-Financial LightYear Labs
Microcode Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14 Impact: Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis Description: An information disclosure issue was addressed with a microcode update. This ensures that implementation specific system registers cannot be leaked via a speculative execution side-channel. CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd. CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile Networking Lab at Technische UniversitA$?t Darmstadt
Additional recognition
Calendar We would like to acknowledge an anonymous researcher for their assistance. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2018-10-30-9 Additional information for APPLE-SA-2018-9-24-1 macOS Mojave 10.14
macOS Mojave 10.14 addresses the following:
Bluetooth Available for: iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012) , iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac (Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015), Mac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012) , Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro (Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air (13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air (13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air (13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air (13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro (15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013), MacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina, 13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013) Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: An input validation issue existed in Bluetooth. CVE-2018-5383: Lior Neumann and Eli Biham
The updates below are available for these Mac models: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013, Mid 2010, and Mid 2012 models with recommended Metal-capable graphics processor, including MSI Gaming Radeon RX 560 and Sapphire Radeon PULSE RX 580)
afpserver Impact: A remote attacker may be able to attack AFP servers through HTTP clients Description: An input validation issue was addressed with improved input validation. CVE-2018-4324: Sergii Kryvoblotskyi of MacPaw Inc. CVE-2018-4353: Abhinav Bansal of LinkedIn Inc.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2018-10-30-8 Additional information for APPLE-SA-2018-9-24-4 iOS 12
iOS 12 addresses the following:
Accounts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local app may be able to read a persistent account identifier Description: This issue was addressed with improved entitlements. CVE-2018-4322: Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc.
Auto Unlock Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to access local users AppleIDs Description: A validation issue existed in the entitlement verification. CVE-2018-4321: Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc.
Bluetooth Available for: iPhone SE, iPhone 6s, iPhone 6s Plus, iPhone 7, iPhone 7 Plus, iPad Mini 4, 12.9-inch iPad Pro 1st generation, 12.9-inch iPad Pro 2nd generation, 10.5-inch iPad Pro, 9.7-inch iPad Pro, iPad 5th generation, and iPod Touch 6th generation Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: An input validation issue existed in Bluetooth. CVE-2018-5383: Lior Neumann and Eli Biham
CFNetwork Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4126: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative Entry added October 30, 2018
CoreFoundation Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4412: The UK's National Cyber Security Centre (NCSC) Entry added October 30, 2018
CoreFoundation Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4414: The UK's National Cyber Security Centre (NCSC) Entry added October 30, 2018
CoreMedia Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An app may be able to learn information about the current camera view before being granted camera access Description: A permissions issue existed. CVE-2018-4356: an anonymous researcher
CoreText Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2018-4347: an anonymous researcher Entry added October 30, 2018
Crash Reporter Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4333: Brandon Azad
Grand Central Dispatch Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4426: Brandon Azad Entry added October 30, 2018
Heimdal Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4331: Brandon Azad CVE-2018-4332: Brandon Azad CVE-2018-4343: Brandon Azad Entry added October 30, 2018
iBooks Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information Description: A configuration issue was addressed with additional restrictions. CVE-2018-4355: evi1m0 of bilibili security team Entry added October 30, 2018
IOHIDFamily Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation CVE-2018-4408: Ian Beer of Google Project Zero Entry added October 30, 2018
IOKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to break out of its sandbox Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4341: Ian Beer of Google Project Zero CVE-2018-4354: Ian Beer of Google Project Zero Entry added October 30, 2018
IOKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2018-4383: Apple Entry added October 30, 2018
IOMobileFrameBuffer Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4335: Brandon Azad
IOUserEthernet Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4401: Apple Entry added October 30, 2018
iTunes Store Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to spoof password prompts in the iTunes Store Description: An input validation issue was addressed with improved input validation. CVE-2018-4305: Jerry Decime
Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to leak sensitive user information Description: An access issue existed with privileged API calls. This issue was addressed with additional restrictions. CVE-2018-4399: Fabiano Anemone (@anoane) Entry added October 30, 2018
Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: An input validation issue existed in the kernel. CVE-2018-4363: Ian Beer of Google Project Zero
Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: A memory corruption issue was addressed with improved validation. CVE-2018-4407: Kevin Backhouse of Semmle Ltd. Entry added October 30, 2018
Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4336: Brandon Azad CVE-2018-4337: Ian Beer of Google Project Zero CVE-2018-4340: Mohamed Ghannam (@_simo36) CVE-2018-4344: The UK's National Cyber Security Centre (NCSC) CVE-2018-4425: cc working with Trend Micro's Zero Day Initiative, Juwei Lin (@panicaII) of Trend Micro working with Trend Micro's Zero Day Initiative Entry added October 30, 2018
mDNSOffloadUserClient Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4326: an anonymous researcher working with Trend Micro's Zero Day Initiative, Zhuo Liang of Qihoo 360 Nirvan Team Entry added October 30, 2018
MediaRemote Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions. CVE-2018-4310: CodeColorist of Ant-Financial LightYear Labs Entry added October 30, 2018
Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to discover a user's deleted messages Description: A consistency issue existed in the handling of application snapshots. CVE-2018-4313: 11 anonymous researchers, David Scott, Enes Mert Ulu of Abdullah MA1/4rAide AzA1/4nenek Anadolu Lisesi - Ankara/TA1/4rkiye, Mehmet Ferit DaAtan of Van YA1/4zA1/4ncA1/4 YA+-l University, Metin Altug Karakaya of Kaliptus Medical Organization, Vinodh Swami of Western Governor's University (WGU)
Notes Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to discover a user's deleted notes Description: A consistency issue existed in the handling of application snapshots. CVE-2018-4352: Utku Altinkaynak
Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to discover websites a user has visited Description: A consistency issue existed in the handling of application snapshots. CVE-2018-4313: 11 anonymous researchers, David Scott, Enes Mert Ulu of Abdullah MA1/4rAide AzA1/4nenek Anadolu Lisesi - Ankara/TA1/4rkiye, Mehmet Ferit DaAtan of Van YA1/4zA1/4ncA1/4 YA+-l University, Metin Altug Karakaya of Kaliptus Medical Organization, Vinodh Swami of Western Governor's University (WGU)
Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A user may be unable to delete browsing history items Description: Clearing a history item may not clear visits with redirect chains. CVE-2018-4329: Hugo S. Diaz (coldpointblue)
SafariViewController Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4362: Jun Kokatsu (@shhnjk)
Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to exfiltrate autofilled data in Safari Description: A logic issue was addressed with improved state management. CVE-2018-4307: Rafay Baloch of Pakistan Telecommunications Authority
Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2018-4395: Patrick Wardle of Digita Security Entry added October 30, 2018
Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker may be able to exploit weaknesses in the RC4 cryptographic algorithm Description: This issue was addressed by removing RC4. CVE-2016-1777: Pepi Zawodsky
Status Bar Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to determine the last used app from the lock screen Description: A logic issue was addressed with improved restrictions. CVE-2018-4325: Brian Adeloye
Symptom Framework Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2018-4203: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative Entry added October 30, 2018
Text Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted text file may lead to a denial of service Description: A denial of service issue was addressed with improved validation. CVE-2018-4304: jianan.huang (@Sevck) Entry added October 30, 2018
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2018-4316: crixer, Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4299: Samuel GroI2 (saelo) working with Trend Micro's Zero Day Initiative CVE-2018-4323: Ivan Fratric of Google Project Zero CVE-2018-4328: Ivan Fratric of Google Project Zero CVE-2018-4358: @phoenhex team (@bkth_ @5aelo @_niklasb) working with Trend Micro's Zero Day Initiative CVE-2018-4359: Samuel GroA (@5aelo) CVE-2018-4360: William Bowling (@wcbowling) Entry added October 30, 2018
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may cause unexepected cross-origin behavior Description: A cross-origin issue existed with "iframe" elements. CVE-2018-4319: John Pettitt of Google
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2018-4197: Ivan Fratric of Google Project Zero CVE-2018-4306: Ivan Fratric of Google Project Zero CVE-2018-4312: Ivan Fratric of Google Project Zero CVE-2018-4314: Ivan Fratric of Google Project Zero CVE-2018-4315: Ivan Fratric of Google Project Zero CVE-2018-4317: Ivan Fratric of Google Project Zero CVE-2018-4318: Ivan Fratric of Google Project Zero
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may exfiltrate image data cross-origin Description: A cross-site scripting issue existed in Safari. CVE-2018-4345: an anonymous researcher
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Unexpected interaction causes an ASSERT failure Description: A memory corruption issue was addressed with improved validation. CVE-2018-4191: found by OSS-Fuzz
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Cross-origin SecurityErrors includes the accessed frame's origin Description: The issue was addressed by removing origin information. CVE-2018-4311: Erling Alf Ellingsen (@steike)
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to execute scripts in the context of another website Description: A cross-site scripting issue existed in Safari. CVE-2018-4309: an anonymous researcher working with Trend Micro's Zero Day Initiative
WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Unexpected interaction causes an ASSERT failure Description: A memory consumption issue was addressed with improved memory handling. CVE-2018-4361: found by OSS-Fuzz
Additional recognition
APFS We would like to acknowledge Umang Raghuvanshi for their assistance.
Assets We would like to acknowledge Brandon Azad for their assistance.
configd We would like to acknowledge Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH for their assistance.
Core Data We would like to acknowledge Andreas Kurtz (@aykay) of NESO Security Labs GmbH for their assistance.
CoreSymbolication We would like to acknowledge Brandon Azad for their assistance.
Exchange ActiveSync We would like to acknowledge Jesse Thompson of University of Wisconsin-Madison for their assistance.
Feedback Assistant We would like to acknowledge Marco Grassi (@marcograss) of KeenLab (@keen_lab) Tencent working with Trend Micro's Zero Day Initiative for their assistance.
Kernel We would like to acknowledge Brandon Azad for their assistance.
Mail We would like to acknowledge Alessandro Avagliano of Rocket Internet SE, Gunnar Diepenbruck, and Zbyszek A>>A3Akiewski for their assistance.
MediaRemote We would like to acknowledge Brandon Azad for their assistance.
Quick Look We would like to acknowledge lokihardt of Google Project Zero for their assistance.
Safari We would like to acknowledge Marcel Manz of SIMM-Comm GmbH and Vlad Galbin for their assistance.
Sandbox Profiles We would like to acknowledge Tencent Keen Security Lab working with Trend Micro's Zero Day Initiative for their assistance.
Security We would like to acknowledge Christoph Sinai, Daniel Dudek (@dannysapples) of The Irish Times and Filip KlubiAka (@lemoncloak) of ADAPT Centre, Dublin Institute of Technology, Istvan Csanady of Shapr3D, Omar Barkawi of ITG Software, Inc., Phil Caleno, Wilson Ding, and an anonymous researcher for their assistance.
SQLite We would like to acknowledge Andreas Kurtz (@aykay) of NESO Security Labs GmbH for their assistance.
Status Bar We would like to acknowledge Ju Zhu of Meituan and Moony Li and Lilang Wu of Trend Micro for their assistance.
WebKit We would like to acknowledge Cary Hartline, Hanming Zhang from 360 Vuclan team, Tencent Keen Security Lab working with Trend Micro's Zero Day Initiative, and Zach Malone of CA Technologies for their assistance.
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "iOS 12".
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgYpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HbuA// ZOEwXUyLVS3SqfEjU3MRUoTp1x+Ow+fd5co9B6v7bY+Ebc2KmSZjpPuNPjouRHmf RbWpZ0Mc52NYm+OdYqPu/Tg94wRi6tlrYusk6GngVH4IBER4TqiFrLNSzAjXL0xP qWv3JQcAIFNbNWpSEzDzEbuq85q4BIuP/+v2LpTc1ZWqIYt9TQHxUpyjoTXZvQhL 8L9ZM/dj8BC+m713LeC/KzveaDpaqnVJUDbgUkzRyFfFqOJt+hlaTS8yMUM3G+TX cblL8bvFNIxtUrt4Rf2TwDRVxUZIw/aFK2APmxVZ44UAT+2o+WFxBkHRXQiZc4Lk OaTzzkocdZu4q4MibrxELBWtW46AcGMqQKUpFZ6GR+4U2c1ICRwKnjQTn0iY7mg7 d+M+bTx8T2knwV7lSwvnHz79rysvOuCF3QCAZ4tW4PvLHWSZ0TpJho8z23PLHFQd J3cOYPby6SM9YP6SBISX5OI8xnvr1XIAPIBnOy0ScaMFsu0Er8j1hvbF1fXiaYOJ CSUUXR2th3jPW0g9L0j4vWGURG1h0psIN2MxTSHbmm4KXBAYngZ0wDOeJMUe8YMy IG0UBDqKNh8lzKHcc4aYA1WyaNsqbgbngBqDATp/XyWRzd+Py/U06MVuIaV095Rv s9WW67M1kLHy4BeutXt+xLBp9AugI+gU53uysxcnBx4= =dGPm -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-0756",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x",
"scope": "lt",
"trust": 1.8,
"vendor": "apple",
"version": "10.14"
},
{
"model": "macos",
"scope": null,
"trust": 1.4,
"vendor": "apple",
"version": null
},
{
"model": "itunes",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.9"
},
{
"model": "tvos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12"
},
{
"model": "icloud",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "7.7"
},
{
"model": "iphone os",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.0"
},
{
"model": "watchos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "5.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.12.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.13.6"
},
{
"model": "icloud",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "for windows 7.7 (windows 7 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "12 (ipad air or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "12 (iphone 5s or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "12 (ipod touch first 6 generation )"
},
{
"model": "itunes",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "for windows 12.9 (windows 7 or later )"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "12 (apple tv 4k)"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "12 (apple tv first 4 generation )"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5 (apple watch series 1 or later )"
},
{
"model": "macos mojave",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.14 earlier"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1341"
},
{
"db": "ZDI",
"id": "ZDI-18-1342"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014972"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"db": "NVD",
"id": "CVE-2018-4126"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.14",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "12.9",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4126"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bruno Keith (@bkth_)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1341"
},
{
"db": "ZDI",
"id": "ZDI-18-1342"
}
],
"trust": 1.4
},
"cve": "CVE-2018-4126",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-4126",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2018-4126",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2018-4126",
"impactScore": 4.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "LOW",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-134157",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-4126",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-4126",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2018-4126",
"trust": 1.4,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-1455",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-134157",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-4126",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1341"
},
{
"db": "ZDI",
"id": "ZDI-18-1342"
},
{
"db": "VULHUB",
"id": "VHN-134157"
},
{
"db": "VULMON",
"id": "CVE-2018-4126"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014972"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1455"
},
{
"db": "NVD",
"id": "CVE-2018-4126"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7. Apple From macOS An update for has been released.The potential impact depends on each vulnerability, but may be affected as follows: * Arbitrary code execution * information leak * Access restriction bypass. This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the handling of cookie data. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current user. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple macOS Mojave is a dedicated operating system developed for Mac computers. CFNetwork is one of the low-level, high-performance frameworks, which is an extension of BSD sockets (sockets). A buffer error vulnerability exists in the CFNetwork component of several Apple products. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2018-10-30-2 macOS Mojave 10.14.1, Security Update 2018-001\nHigh Sierra, Security Update 2018-005 Sierra\n\nmacOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and\nSecurity Update 2018-005 Sierra are now available and address\nthe following:\n\nafpserver\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: A remote attacker may be able to attack AFP servers through\nHTTP clients\nDescription: An input validation issue was addressed with improved\ninput validation. \nCVE-2018-4415: Liang Zhuo working with Beyond Security\u0027s SecuriTeam\nSecure Disclosure\n\nCoreCrypto\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: An attacker may be able to exploit a weakness in the\nMiller-Rabin primality test to incorrectly identify prime numbers\nDescription: An issue existed in the method for determining prime\nnumbers. \nCVE-2018-4423: an anonymous researcher\n\nEFI\nAvailable for: macOS High Sierra 10.13.6\nImpact: Systems with microprocessors utilizing speculative execution\nand speculative execution of memory reads before the addresses of all\nprior memory writes are known may allow unauthorized disclosure of\ninformation to an attacker with local user access via a side-channel\nanalysis\nDescription: An information disclosure issue was addressed with a\nmicrocode update. This ensures that older data read from\nrecently-written-to addresses cannot be read via a speculative\nside-channel. \nCVE-2018-4331: Brandon Azad\n\nHypervisor\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\nImpact: Systems with microprocessors utilizing speculative execution\nand address translations may allow unauthorized disclosure of\ninformation residing in the L1 data cache to an attacker with local\nuser access with guest OS privilege via a terminal page fault and a\nside-channel analysis\nDescription: An information disclosure issue was addressed by\nflushing the L1 data cache at the virtual machine entry. \nCVE-2018-3646: Baris Kasikci, Daniel Genkin, Ofir Weisse, and Thomas\nF. \nCVE-2018-4424: Dr. \nCVE-2018-4310: CodeColorist of Ant-Financial LightYear Labs\n\nMicrocode\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS\nMojave 10.14\nImpact: Systems with microprocessors utilizing speculative execution\nand that perform speculative reads of system registers may allow\nunauthorized disclosure of system parameters to an attacker with\nlocal user access via a side-channel analysis\nDescription: An information disclosure issue was addressed with a\nmicrocode update. This ensures that implementation specific system\nregisters cannot be leaked via a speculative execution side-channel. \nCVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd. \nCVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile\nNetworking Lab at Technische UniversitA$?t Darmstadt\n\nAdditional recognition\n\nCalendar\nWe would like to acknowledge an anonymous researcher for their\nassistance. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2018-10-30-9 Additional information for\nAPPLE-SA-2018-9-24-1 macOS Mojave 10.14\n\nmacOS Mojave 10.14 addresses the following:\n\nBluetooth\nAvailable for: iMac (21.5-inch, Late 2012), iMac (27-inch, Late 2012)\n, iMac (21.5-inch, Late 2013), iMac (21.5-inch, Mid 2014), iMac\n(Retina 5K, 27-inch, Late 2014), iMac (21.5-inch, Late 2015),\nMac mini (Mid 2011), Mac mini Server (Mid 2011), Mac mini (Late 2012)\n, Mac mini Server (Late 2012), Mac mini (Late 2014), Mac Pro\n(Late 2013), MacBook Air (11-inch, Mid 2011), MacBook Air\n(13-inch, Mid 2011), MacBook Air (11-inch, Mid 2012), MacBook Air\n(13-inch, Mid 2012), MacBook Air (11-inch, Mid 2013), MacBook Air\n(13-inch, Mid 2013), MacBook Air (11-inch, Early 2015), MacBook Air\n(13-inch, Early 2015), MacBook Pro (13-inch, Mid 2012), MacBook Pro\n(15-inch, Mid 2012), MacBook Pro (Retina, 13-inch, Early 2013),\nMacBook Pro (Retina, 15-inch, Early 2013), MacBook Pro (Retina,\n13-inch, Late 2013), and MacBook Pro (Retina, 15-inch, Late 2013)\nImpact: An attacker in a privileged network position may be able to\nintercept Bluetooth traffic\nDescription: An input validation issue existed in Bluetooth. \nCVE-2018-5383: Lior Neumann and Eli Biham\n\nThe updates below are available for these Mac models:\nMacBook (Early 2015 and later), MacBook Air (Mid 2012 and later),\nMacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later),\niMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013, Mid 2010, and Mid 2012 models with recommended\nMetal-capable graphics processor, including MSI Gaming Radeon RX 560\nand Sapphire Radeon PULSE RX 580)\n\nafpserver\nImpact: A remote attacker may be able to attack AFP servers through\nHTTP clients\nDescription: An input validation issue was addressed with improved\ninput validation. \nCVE-2018-4324: Sergii Kryvoblotskyi of MacPaw Inc. \nCVE-2018-4353: Abhinav Bansal of LinkedIn Inc. \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\". -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2018-10-30-8 Additional information for\nAPPLE-SA-2018-9-24-4 iOS 12\n\niOS 12 addresses the following:\n\nAccounts\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A local app may be able to read a persistent account\nidentifier\nDescription: This issue was addressed with improved entitlements. \nCVE-2018-4322: Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. \n\nAuto Unlock\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious application may be able to access local users\nAppleIDs\nDescription: A validation issue existed in the entitlement\nverification. \nCVE-2018-4321: Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. \n\nBluetooth\nAvailable for: iPhone SE, iPhone 6s, iPhone 6s Plus, iPhone 7,\niPhone 7 Plus, iPad Mini 4, 12.9-inch iPad Pro 1st generation,\n12.9-inch iPad Pro 2nd generation, 10.5-inch iPad Pro,\n9.7-inch iPad Pro, iPad 5th generation, and iPod Touch 6th generation\nImpact: An attacker in a privileged network position may be able to\nintercept Bluetooth traffic\nDescription: An input validation issue existed in Bluetooth. \nCVE-2018-5383: Lior Neumann and Eli Biham\n\nCFNetwork\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4126: Bruno Keith (@bkth_) working with Trend Micro\u0027s Zero\nDay Initiative\nEntry added October 30, 2018\n\nCoreFoundation\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious application may be able to elevate privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-4412: The UK\u0027s National Cyber Security Centre (NCSC)\nEntry added October 30, 2018\n\nCoreFoundation\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to gain elevated privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-4414: The UK\u0027s National Cyber Security Centre (NCSC)\nEntry added October 30, 2018\n\nCoreMedia\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An app may be able to learn information about the current\ncamera view before being granted camera access\nDescription: A permissions issue existed. \nCVE-2018-4356: an anonymous researcher\n\nCoreText\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing a maliciously crafted text file may lead to\narbitrary code execution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2018-4347: an anonymous researcher\nEntry added October 30, 2018\n\nCrash Reporter\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2018-4333: Brandon Azad\n\nGrand Central Dispatch\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4426: Brandon Azad\nEntry added October 30, 2018\n\nHeimdal\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4331: Brandon Azad\nCVE-2018-4332: Brandon Azad\nCVE-2018-4343: Brandon Azad\nEntry added October 30, 2018\n\niBooks\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Parsing a maliciously crafted iBooks file may lead to\ndisclosure of user information\nDescription: A configuration issue was addressed with additional\nrestrictions. \nCVE-2018-4355: evi1m0 of bilibili security team\nEntry added October 30, 2018\n\nIOHIDFamily\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation\nCVE-2018-4408: Ian Beer of Google Project Zero\nEntry added October 30, 2018\n\nIOKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious application may be able to break out of its\nsandbox\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4341: Ian Beer of Google Project Zero\nCVE-2018-4354: Ian Beer of Google Project Zero\nEntry added October 30, 2018\n\nIOKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2018-4383: Apple\nEntry added October 30, 2018\n\nIOMobileFrameBuffer\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2018-4335: Brandon Azad\n\nIOUserEthernet\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4401: Apple\nEntry added October 30, 2018\n\niTunes Store\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An attacker in a privileged network position may be able to\nspoof password prompts in the iTunes Store\nDescription: An input validation issue was addressed with improved\ninput validation. \nCVE-2018-4305: Jerry Decime\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious application may be able to leak sensitive user\ninformation\nDescription: An access issue existed with privileged API calls. This\nissue was addressed with additional restrictions. \nCVE-2018-4399: Fabiano Anemone (@anoane)\nEntry added October 30, 2018\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to read restricted memory\nDescription: An input validation issue existed in the kernel. \nCVE-2018-4363: Ian Beer of Google Project Zero\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An attacker in a privileged network position may be able to\nexecute arbitrary code\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2018-4407: Kevin Backhouse of Semmle Ltd. \nEntry added October 30, 2018\n\nKernel\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4336: Brandon Azad\nCVE-2018-4337: Ian Beer of Google Project Zero\nCVE-2018-4340: Mohamed Ghannam (@_simo36)\nCVE-2018-4344: The UK\u0027s National Cyber Security Centre (NCSC)\nCVE-2018-4425: cc working with Trend Micro\u0027s Zero Day Initiative,\nJuwei Lin (@panicaII) of Trend Micro working with Trend Micro\u0027s Zero\nDay Initiative\nEntry added October 30, 2018\n\nmDNSOffloadUserClient\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4326: an anonymous researcher working with Trend Micro\u0027s\nZero Day Initiative, Zhuo Liang of Qihoo 360 Nirvan Team\nEntry added October 30, 2018\n\nMediaRemote\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A sandboxed process may be able to circumvent sandbox\nrestrictions\nDescription: An access issue was addressed with additional sandbox\nrestrictions. \nCVE-2018-4310: CodeColorist of Ant-Financial LightYear Labs\nEntry added October 30, 2018\n\nMessages\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A local user may be able to discover a user\u0027s deleted\nmessages\nDescription: A consistency issue existed in the handling of\napplication snapshots. \nCVE-2018-4313: 11 anonymous researchers, David Scott, Enes Mert\nUlu of Abdullah MA1/4rAide AzA1/4nenek Anadolu Lisesi -\nAnkara/TA1/4rkiye, Mehmet Ferit DaAtan of Van YA1/4zA1/4ncA1/4 YA+-l\nUniversity, Metin Altug Karakaya of Kaliptus Medical Organization,\nVinodh Swami of Western Governor\u0027s University (WGU)\n\nNotes\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A local user may be able to discover a user\u0027s deleted notes\nDescription: A consistency issue existed in the handling of\napplication snapshots. \nCVE-2018-4352: Utku Altinkaynak\n\nSafari\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A local user may be able to discover websites a user has\nvisited\nDescription: A consistency issue existed in the handling of\napplication snapshots. \nCVE-2018-4313: 11 anonymous researchers, David Scott, Enes Mert\nUlu of Abdullah MA1/4rAide AzA1/4nenek Anadolu Lisesi -\nAnkara/TA1/4rkiye, Mehmet Ferit DaAtan of Van YA1/4zA1/4ncA1/4 YA+-l\nUniversity, Metin Altug Karakaya of Kaliptus Medical Organization,\nVinodh Swami of Western Governor\u0027s University (WGU)\n\nSafari\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A user may be unable to delete browsing history items\nDescription: Clearing a history item may not clear visits with\nredirect chains. \nCVE-2018-4329: Hugo S. Diaz (coldpointblue)\n\nSafariViewController\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Visiting a malicious website may lead to address bar spoofing\nDescription: An inconsistent user interface issue was addressed with\nimproved state management. \nCVE-2018-4362: Jun Kokatsu (@shhnjk)\n\nSecurity\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious website may be able to exfiltrate autofilled data\nin Safari\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2018-4307: Rafay Baloch of Pakistan Telecommunications Authority\n\nSecurity\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A local user may be able to cause a denial of service\nDescription: This issue was addressed with improved checks. \nCVE-2018-4395: Patrick Wardle of Digita Security\nEntry added October 30, 2018\n\nSecurity\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An attacker may be able to exploit weaknesses in the RC4\ncryptographic algorithm\nDescription: This issue was addressed by removing RC4. \nCVE-2016-1777: Pepi Zawodsky\n\nStatus Bar\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A person with physical access to an iOS device may be able to\ndetermine the last used app from the lock screen\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2018-4325: Brian Adeloye\n\nSymptom Framework\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: An application may be able to read restricted memory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2018-4203: Bruno Keith (@bkth_) working with Trend Micro\u0027s Zero\nDay Initiative\nEntry added October 30, 2018\n\nText\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing a maliciously crafted text file may lead to a\ndenial of service\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2018-4304: jianan.huang (@Sevck)\nEntry added October 30, 2018\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2018-4316: crixer, Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan\nTeam\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2018-4299: Samuel GroI2 (saelo) working with Trend Micro\u0027s Zero\nDay Initiative\nCVE-2018-4323: Ivan Fratric of Google Project Zero\nCVE-2018-4328: Ivan Fratric of Google Project Zero\nCVE-2018-4358: @phoenhex team (@bkth_ @5aelo @_niklasb) working with\nTrend Micro\u0027s Zero Day Initiative\nCVE-2018-4359: Samuel GroA (@5aelo)\nCVE-2018-4360: William Bowling (@wcbowling)\nEntry added October 30, 2018\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious website may cause unexepected cross-origin\nbehavior\nDescription: A cross-origin issue existed with \"iframe\" elements. \nCVE-2018-4319: John Pettitt of Google\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2018-4197: Ivan Fratric of Google Project Zero\nCVE-2018-4306: Ivan Fratric of Google Project Zero\nCVE-2018-4312: Ivan Fratric of Google Project Zero\nCVE-2018-4314: Ivan Fratric of Google Project Zero\nCVE-2018-4315: Ivan Fratric of Google Project Zero\nCVE-2018-4317: Ivan Fratric of Google Project Zero\nCVE-2018-4318: Ivan Fratric of Google Project Zero\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious website may exfiltrate image data cross-origin\nDescription: A cross-site scripting issue existed in Safari. \nCVE-2018-4345: an anonymous researcher\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Unexpected interaction causes an ASSERT failure\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2018-4191: found by OSS-Fuzz\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Cross-origin SecurityErrors includes the accessed frame\u0027s\norigin\nDescription: The issue was addressed by removing origin information. \nCVE-2018-4311: Erling Alf Ellingsen (@steike)\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: A malicious website may be able to execute scripts in the\ncontext of another website\nDescription: A cross-site scripting issue existed in Safari. \nCVE-2018-4309: an anonymous researcher working with Trend Micro\u0027s\nZero Day Initiative\n\nWebKit\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod\ntouch 6th generation\nImpact: Unexpected interaction causes an ASSERT failure\nDescription: A memory consumption issue was addressed with improved\nmemory handling. \nCVE-2018-4361: found by OSS-Fuzz\n\nAdditional recognition\n\nAPFS\nWe would like to acknowledge Umang Raghuvanshi for their assistance. \n\nAssets\nWe would like to acknowledge Brandon Azad for their assistance. \n\nconfigd\nWe would like to acknowledge Sabri Haddouche (@pwnsdx) of Wire Swiss\nGmbH for their assistance. \n\nCore Data\nWe would like to acknowledge Andreas Kurtz (@aykay) of NESO Security\nLabs GmbH for their assistance. \n\nCoreSymbolication\nWe would like to acknowledge Brandon Azad for their assistance. \n\nExchange ActiveSync\nWe would like to acknowledge Jesse Thompson of University of\nWisconsin-Madison for their assistance. \n\nFeedback Assistant\nWe would like to acknowledge Marco Grassi (@marcograss) of KeenLab\n(@keen_lab) Tencent working with Trend Micro\u0027s Zero Day Initiative\nfor their assistance. \n\nKernel\nWe would like to acknowledge Brandon Azad for their assistance. \n\nMail\nWe would like to acknowledge Alessandro Avagliano of Rocket Internet\nSE, Gunnar Diepenbruck,\nand Zbyszek A\u003e\u003eA3Akiewski for their assistance. \n\nMediaRemote\nWe would like to acknowledge Brandon Azad for their assistance. \n\nQuick Look\nWe would like to acknowledge lokihardt of Google Project Zero for\ntheir assistance. \n\nSafari\nWe would like to acknowledge Marcel Manz of SIMM-Comm GmbH and Vlad\nGalbin for their assistance. \n\nSandbox Profiles\nWe would like to acknowledge Tencent Keen Security Lab working with\nTrend Micro\u0027s Zero Day Initiative for their assistance. \n\nSecurity\nWe would like to acknowledge Christoph Sinai, Daniel Dudek\n(@dannysapples) of The Irish Times and Filip KlubiAka (@lemoncloak)\nof ADAPT Centre, Dublin Institute of Technology, Istvan Csanady of\nShapr3D, Omar Barkawi of ITG Software, Inc., Phil Caleno, Wilson\nDing, and an anonymous researcher for their assistance. \n\nSQLite\nWe would like to acknowledge Andreas Kurtz (@aykay) of NESO Security\nLabs GmbH for their assistance. \n\nStatus Bar\nWe would like to acknowledge Ju Zhu of Meituan and Moony Li and\nLilang Wu of Trend Micro for their assistance. \n\nWebKit\nWe would like to acknowledge Cary Hartline, Hanming Zhang from 360\nVuclan team, Tencent Keen Security Lab working with Trend Micro\u0027s\nZero Day Initiative, and Zach Malone of CA Technologies for their\nassistance. \n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom https://www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"iOS 12\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgYpHHByb2R1Y3Qt\nc2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HbuA//\nZOEwXUyLVS3SqfEjU3MRUoTp1x+Ow+fd5co9B6v7bY+Ebc2KmSZjpPuNPjouRHmf\nRbWpZ0Mc52NYm+OdYqPu/Tg94wRi6tlrYusk6GngVH4IBER4TqiFrLNSzAjXL0xP\nqWv3JQcAIFNbNWpSEzDzEbuq85q4BIuP/+v2LpTc1ZWqIYt9TQHxUpyjoTXZvQhL\n8L9ZM/dj8BC+m713LeC/KzveaDpaqnVJUDbgUkzRyFfFqOJt+hlaTS8yMUM3G+TX\ncblL8bvFNIxtUrt4Rf2TwDRVxUZIw/aFK2APmxVZ44UAT+2o+WFxBkHRXQiZc4Lk\nOaTzzkocdZu4q4MibrxELBWtW46AcGMqQKUpFZ6GR+4U2c1ICRwKnjQTn0iY7mg7\nd+M+bTx8T2knwV7lSwvnHz79rysvOuCF3QCAZ4tW4PvLHWSZ0TpJho8z23PLHFQd\nJ3cOYPby6SM9YP6SBISX5OI8xnvr1XIAPIBnOy0ScaMFsu0Er8j1hvbF1fXiaYOJ\nCSUUXR2th3jPW0g9L0j4vWGURG1h0psIN2MxTSHbmm4KXBAYngZ0wDOeJMUe8YMy\nIG0UBDqKNh8lzKHcc4aYA1WyaNsqbgbngBqDATp/XyWRzd+Py/U06MVuIaV095Rv\ns9WW67M1kLHy4BeutXt+xLBp9AugI+gU53uysxcnBx4=\n=dGPm\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4126"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014972"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"db": "ZDI",
"id": "ZDI-18-1341"
},
{
"db": "ZDI",
"id": "ZDI-18-1342"
},
{
"db": "VULHUB",
"id": "VHN-134157"
},
{
"db": "VULMON",
"id": "CVE-2018-4126"
},
{
"db": "PACKETSTORM",
"id": "150119"
},
{
"db": "PACKETSTORM",
"id": "150108"
},
{
"db": "PACKETSTORM",
"id": "150115"
},
{
"db": "PACKETSTORM",
"id": "150116"
},
{
"db": "PACKETSTORM",
"id": "150114"
},
{
"db": "PACKETSTORM",
"id": "150113"
},
{
"db": "PACKETSTORM",
"id": "150117"
}
],
"trust": 4.41
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-4126",
"trust": 4.7
},
{
"db": "JVN",
"id": "JVNVU99356481",
"trust": 1.6
},
{
"db": "JVN",
"id": "JVNVU93341447",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU96365720",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU92800088",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014972",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007762",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6137",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1341",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-6138",
"trust": 0.7
},
{
"db": "ZDI",
"id": "ZDI-18-1342",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1455",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "150115",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "150114",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-134157",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-4126",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150119",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150108",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150116",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150113",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "150117",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1341"
},
{
"db": "ZDI",
"id": "ZDI-18-1342"
},
{
"db": "VULHUB",
"id": "VHN-134157"
},
{
"db": "VULMON",
"id": "CVE-2018-4126"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014972"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"db": "PACKETSTORM",
"id": "150119"
},
{
"db": "PACKETSTORM",
"id": "150108"
},
{
"db": "PACKETSTORM",
"id": "150115"
},
{
"db": "PACKETSTORM",
"id": "150116"
},
{
"db": "PACKETSTORM",
"id": "150114"
},
{
"db": "PACKETSTORM",
"id": "150113"
},
{
"db": "PACKETSTORM",
"id": "150117"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1455"
},
{
"db": "NVD",
"id": "CVE-2018-4126"
}
]
},
"id": "VAR-201904-0756",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-134157"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:50:26.406000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT209139",
"trust": 3.0,
"url": "https://support.apple.com/en-us/ht209139"
},
{
"title": "HT209140",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht209140"
},
{
"title": "HT209141",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht209141"
},
{
"title": "HT209193",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht209193"
},
{
"title": "HT209106",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht209106"
},
{
"title": "HT209107",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht209107"
},
{
"title": "HT209108",
"trust": 0.8,
"url": "https://support.apple.com/en-us/ht209108"
},
{
"title": "HT209141",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht209141"
},
{
"title": "HT209193",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht209193"
},
{
"title": "HT209106",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht209106"
},
{
"title": "HT209107",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht209107"
},
{
"title": "HT209108",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht209108"
},
{
"title": "HT209139",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht209139"
},
{
"title": "HT209140",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/ht209140"
},
{
"title": "Apple macOS CFNetwork Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=86433"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1341"
},
{
"db": "ZDI",
"id": "ZDI-18-1342"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014972"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1455"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134157"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014972"
},
{
"db": "NVD",
"id": "CVE-2018-4126"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4126"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht209106"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht209107"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht209108"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht209139"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht209140"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht209141"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht209193"
},
{
"trust": 1.4,
"url": "https://support.apple.com/en-us/ht209139"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4126"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu96365720/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93341447/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92800088/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu99356481/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu99356481/"
},
{
"trust": 0.7,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.7,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4203"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4191"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4304"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4299"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4323"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4318"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4309"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4315"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4340"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4197"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4316"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4317"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4306"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4312"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4328"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4331"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1777"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4314"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4319"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4311"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4336"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4305"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4332"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4313"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4341"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4321"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4337"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4326"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4310"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4361"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4359"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4358"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4347"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4344"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4343"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12618"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4334"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4308"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4153"
},
{
"trust": 0.2,
"url": "https://support.apple.com/downloads/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4295"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3646"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12613"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3639"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4412"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4414"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4345"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4360"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://seclists.org/fulldisclosure/2018/nov/19"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14064"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-10784"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4288"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17405"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3640"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4291"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4286"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14033"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4259"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4242"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17742"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4287"
},
{
"trust": 0.1,
"url": "https://support.apple.com/ht204283"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4338"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4324"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5334"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-5333"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4333"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-3194"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/download/"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht204641"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4401"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4383"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4354"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4399"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4395"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4307"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4322"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4325"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4329"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1341"
},
{
"db": "ZDI",
"id": "ZDI-18-1342"
},
{
"db": "VULHUB",
"id": "VHN-134157"
},
{
"db": "VULMON",
"id": "CVE-2018-4126"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014972"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"db": "PACKETSTORM",
"id": "150119"
},
{
"db": "PACKETSTORM",
"id": "150108"
},
{
"db": "PACKETSTORM",
"id": "150115"
},
{
"db": "PACKETSTORM",
"id": "150116"
},
{
"db": "PACKETSTORM",
"id": "150114"
},
{
"db": "PACKETSTORM",
"id": "150113"
},
{
"db": "PACKETSTORM",
"id": "150117"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1455"
},
{
"db": "NVD",
"id": "CVE-2018-4126"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-18-1341"
},
{
"db": "ZDI",
"id": "ZDI-18-1342"
},
{
"db": "VULHUB",
"id": "VHN-134157"
},
{
"db": "VULMON",
"id": "CVE-2018-4126"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014972"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"db": "PACKETSTORM",
"id": "150119"
},
{
"db": "PACKETSTORM",
"id": "150108"
},
{
"db": "PACKETSTORM",
"id": "150115"
},
{
"db": "PACKETSTORM",
"id": "150116"
},
{
"db": "PACKETSTORM",
"id": "150114"
},
{
"db": "PACKETSTORM",
"id": "150113"
},
{
"db": "PACKETSTORM",
"id": "150117"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1455"
},
{
"db": "NVD",
"id": "CVE-2018-4126"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1341"
},
{
"date": "2018-11-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1342"
},
{
"date": "2019-04-03T00:00:00",
"db": "VULHUB",
"id": "VHN-134157"
},
{
"date": "2019-04-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4126"
},
{
"date": "2019-04-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014972"
},
{
"date": "2018-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"date": "2018-10-31T16:17:40",
"db": "PACKETSTORM",
"id": "150119"
},
{
"date": "2018-10-31T15:50:04",
"db": "PACKETSTORM",
"id": "150108"
},
{
"date": "2018-10-31T16:10:39",
"db": "PACKETSTORM",
"id": "150115"
},
{
"date": "2018-10-31T16:10:50",
"db": "PACKETSTORM",
"id": "150116"
},
{
"date": "2018-10-31T16:10:29",
"db": "PACKETSTORM",
"id": "150114"
},
{
"date": "2018-10-31T16:10:19",
"db": "PACKETSTORM",
"id": "150113"
},
{
"date": "2018-10-31T16:10:59",
"db": "PACKETSTORM",
"id": "150117"
},
{
"date": "2018-10-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-1455"
},
{
"date": "2019-04-03T18:29:02.080000",
"db": "NVD",
"id": "CVE-2018-4126"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1341"
},
{
"date": "2018-11-05T00:00:00",
"db": "ZDI",
"id": "ZDI-18-1342"
},
{
"date": "2019-04-05T00:00:00",
"db": "VULHUB",
"id": "VHN-134157"
},
{
"date": "2019-04-05T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4126"
},
{
"date": "2019-04-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014972"
},
{
"date": "2018-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"date": "2019-04-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-1455"
},
{
"date": "2019-04-05T18:18:35.757000",
"db": "NVD",
"id": "CVE-2018-4126"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-1455"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple macOS nsurlstoraged Out-Of-Bounds Read Information Disclosure Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-18-1341"
},
{
"db": "ZDI",
"id": "ZDI-18-1342"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-1455"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.