ID

VAR-201804-1181


CVE

CVE-2018-4121


TITLE

plural Apple Used in products WebKit Vulnerability in arbitrary code execution in components

Trust: 0.8

sources: JVNDB: JVNDB-2018-003704

DESCRIPTION

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser included with Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201808-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: WebkitGTK+: Multiple vulnerabilities Date: August 22, 2018 Bugs: #652820, #658168, #662974 ID: 201808-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to arbitrary code execution. Background ========== WebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.20.4 >= 2.20.4 Description =========== Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All WebkitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.20.4" References ========== [ 1 ] CVE-2018-11646 https://nvd.nist.gov/vuln/detail/CVE-2018-11646 [ 2 ] CVE-2018-11712 https://nvd.nist.gov/vuln/detail/CVE-2018-11712 [ 3 ] CVE-2018-11713 https://nvd.nist.gov/vuln/detail/CVE-2018-11713 [ 4 ] CVE-2018-12293 https://nvd.nist.gov/vuln/detail/CVE-2018-12293 [ 5 ] CVE-2018-12294 https://nvd.nist.gov/vuln/detail/CVE-2018-12294 [ 6 ] CVE-2018-4101 https://nvd.nist.gov/vuln/detail/CVE-2018-4101 [ 7 ] CVE-2018-4113 https://nvd.nist.gov/vuln/detail/CVE-2018-4113 [ 8 ] CVE-2018-4114 https://nvd.nist.gov/vuln/detail/CVE-2018-4114 [ 9 ] CVE-2018-4117 https://nvd.nist.gov/vuln/detail/CVE-2018-4117 [ 10 ] CVE-2018-4118 https://nvd.nist.gov/vuln/detail/CVE-2018-4118 [ 11 ] CVE-2018-4119 https://nvd.nist.gov/vuln/detail/CVE-2018-4119 [ 12 ] CVE-2018-4120 https://nvd.nist.gov/vuln/detail/CVE-2018-4120 [ 13 ] CVE-2018-4121 https://nvd.nist.gov/vuln/detail/CVE-2018-4121 [ 14 ] CVE-2018-4122 https://nvd.nist.gov/vuln/detail/CVE-2018-4122 [ 15 ] CVE-2018-4125 https://nvd.nist.gov/vuln/detail/CVE-2018-4125 [ 16 ] CVE-2018-4127 https://nvd.nist.gov/vuln/detail/CVE-2018-4127 [ 17 ] CVE-2018-4128 https://nvd.nist.gov/vuln/detail/CVE-2018-4128 [ 18 ] CVE-2018-4129 https://nvd.nist.gov/vuln/detail/CVE-2018-4129 [ 19 ] CVE-2018-4133 https://nvd.nist.gov/vuln/detail/CVE-2018-4133 [ 20 ] CVE-2018-4146 https://nvd.nist.gov/vuln/detail/CVE-2018-4146 [ 21 ] CVE-2018-4162 https://nvd.nist.gov/vuln/detail/CVE-2018-4162 [ 22 ] CVE-2018-4163 https://nvd.nist.gov/vuln/detail/CVE-2018-4163 [ 23 ] CVE-2018-4165 https://nvd.nist.gov/vuln/detail/CVE-2018-4165 [ 24 ] CVE-2018-4190 https://nvd.nist.gov/vuln/detail/CVE-2018-4190 [ 25 ] CVE-2018-4192 https://nvd.nist.gov/vuln/detail/CVE-2018-4192 [ 26 ] CVE-2018-4199 https://nvd.nist.gov/vuln/detail/CVE-2018-4199 [ 27 ] CVE-2018-4200 https://nvd.nist.gov/vuln/detail/CVE-2018-4200 [ 28 ] CVE-2018-4201 https://nvd.nist.gov/vuln/detail/CVE-2018-4201 [ 29 ] CVE-2018-4204 https://nvd.nist.gov/vuln/detail/CVE-2018-4204 [ 30 ] CVE-2018-4214 https://nvd.nist.gov/vuln/detail/CVE-2018-4214 [ 31 ] CVE-2018-4218 https://nvd.nist.gov/vuln/detail/CVE-2018-4218 [ 32 ] CVE-2018-4222 https://nvd.nist.gov/vuln/detail/CVE-2018-4222 [ 33 ] CVE-2018-4232 https://nvd.nist.gov/vuln/detail/CVE-2018-4232 [ 34 ] CVE-2018-4233 https://nvd.nist.gov/vuln/detail/CVE-2018-4233 [ 35 ] CVE-2018-4261 https://nvd.nist.gov/vuln/detail/CVE-2018-4261 [ 36 ] CVE-2018-4262 https://nvd.nist.gov/vuln/detail/CVE-2018-4262 [ 37 ] CVE-2018-4263 https://nvd.nist.gov/vuln/detail/CVE-2018-4263 [ 38 ] CVE-2018-4264 https://nvd.nist.gov/vuln/detail/CVE-2018-4264 [ 39 ] CVE-2018-4265 https://nvd.nist.gov/vuln/detail/CVE-2018-4265 [ 40 ] CVE-2018-4266 https://nvd.nist.gov/vuln/detail/CVE-2018-4266 [ 41 ] CVE-2018-4267 https://nvd.nist.gov/vuln/detail/CVE-2018-4267 [ 42 ] CVE-2018-4270 https://nvd.nist.gov/vuln/detail/CVE-2018-4270 [ 43 ] CVE-2018-4272 https://nvd.nist.gov/vuln/detail/CVE-2018-4272 [ 44 ] CVE-2018-4273 https://nvd.nist.gov/vuln/detail/CVE-2018-4273 [ 45 ] CVE-2018-4278 https://nvd.nist.gov/vuln/detail/CVE-2018-4278 [ 46 ] CVE-2018-4284 https://nvd.nist.gov/vuln/detail/CVE-2018-4284 [ 47 ] WebKitGTK+ Security Advisory WSA-2018-0003 https://webkitgtk.org/security/WSA-2018-0003.html [ 48 ] WebKitGTK+ Security Advisory WSA-2018-0004 https://webkitgtk.org/security/WSA-2018-0004.html [ 49 ] WebKitGTK+ Security Advisory WSA-2018-0005 https://webkitgtk.org/security/WSA-2018-0005.html [ 50 ] WebKitGTK+ Security Advisory WSA-2018-0006 https://webkitgtk.org/security/WSA-2018-0006.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201808-04 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . CVE-2018-4117: an anonymous researcher, an anonymous researcher Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-3-29-1 iOS 11.3 iOS 11.3 is now available and addresses the following: Clock Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to see the email address used for iTunes Description: An information disclosure issue existed in the handling of alarms and timers. This issue was addressed through improved access restrictions. CVE-2018-4123: Zaheen Hafzar M M (@zaheenhafzer) CoreFoundation Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4155: Samuel GroA (@5aelo) CVE-2018-4158: Samuel GroA (@5aelo) CoreText Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted string may lead to a denial of service Description: A denial of service issue was addressed through improved memory handling. CVE-2018-4142: Robin Leroy of Google Switzerland GmbH File System Events Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4167: Samuel GroA (@5aelo) Files Widget Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: File Widget may display contents on a locked device Description: The File Widget was displaying cached data when in the locked state. This issue was addressed with improved state management. CVE-2018-4168: Brandon Moore Find My iPhone Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to the device may be able to disable Find My iPhone without entering an iCloud password Description: A state management issue existed when restoring from a back up. This issue was addressed through improved state checking during restore. CVE-2018-4172: Viljami VastamA$?ki iCloud Drive Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4151: Samuel GroA (@5aelo) Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4150: an anonymous researcher Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4104: The UK's National Cyber Security Centre (NCSC) Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4143: derrek (@derrekr6) Mail Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to intercept the contents of S/MIME-encrypted e-mail Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4174: an anonymous researcher, an anonymous researcher NSURLSession Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4166: Samuel GroA (@5aelo) PluginKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4156: Samuel GroA (@5aelo) Quick Look Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4157: Samuel GroA (@5aelo) Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website by clicking a link may lead to user interface spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4134: xisigr of Tencent's Xuanwu Lab (tencent.com), Zhiyang Zeng (@Wester) of Tencent Security Platform Department Safari Login AutoFill Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to exfiltrate autofilled data in Safari without explicit user interaction. Description: Safari autofill did not require explicit user interaction before taking place. The issue was addressed through improved autofill heuristics. CVE-2018-4137: SafariViewController Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to user interface spoofing Description: A state management issue was addressed by disabling text input until the destination page loads. CVE-2018-4149: Abhinash Jain (@abhinashjain) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved size validation. CVE-2018-4144: Abraham Masri (@cheesecakeufo) Storage Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A race condition was addressed with additional validation. CVE-2018-4154: Samuel GroA (@5aelo) System Preferences Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A configuration profile may incorrectly remain in effect after removal Description: An issue existed in CFPreferences. This issue was addressed through improved preferences cleanup. CVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of Wandera Telephony Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A remote attacker can cause a device to unexpectedly restart Description: A null pointer dereference issue existed when handling Class 0 SMS messages. This issue was addressed through improved message validation. CVE-2018-4140: @mjonsson, Arjan van der Oest of Voiceworks BV Web App Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Cookies may unexpectedly persist in web app Description: A cookie management issue was addressed through improved state management. CVE-2018-4110: Ben Compton and Jason Colley of Cerner Corporation WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4101: Yuan Deng of Ant-financial Light-Year Security Lab CVE-2018-4114: found by OSS-Fuzz CVE-2018-4118: Jun Kokatsu (@shhnjk) CVE-2018-4119: an anonymous researcher working with Trend Micro's Zero Day Initiative CVE-2018-4120: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team CVE-2018-4121: Natalie Silvanovich of Google Project Zero CVE-2018-4122: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4125: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4127: an anonymous researcher working with Trend Micro's Zero Day Initiative CVE-2018-4128: Zach Markley CVE-2018-4129: likemeng of Baidu Security Lab working with Trend Micro's Zero Day Initiative CVE-2018-4130: Omair working with Trend Micro's Zero Day Initiative CVE-2018-4161: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4162: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4163: WanderingGlitch of Trend Micro's Zero Day Initiative CVE-2018-4165: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Unexpected interaction with indexing types causing an ASSERT failure Description: An array indexing issue existed in the handling of a function in javascript core. This issue was addressed through improved checks. CVE-2018-4113: found by OSS-Fuzz WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to a denial of service Description: A memory corruption issue was addressed through improved input validation. CVE-2018-4146: found by OSS-Fuzz WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may exfiltrate data cross-origin Description: A cross-origin issue existed with the fetch API. This was addressed through improved input validation. CVE-2018-4117: an anonymous researcher, an anonymous researcher WindowServer Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An unprivileged application may be able to log keystrokes entered into other applications even when secure input mode is enabled Description: By scanning key states, an unprivileged application could log keystrokes entered into other applications even when secure input mode was enabled. This issue was addressed by improved state management. CVE-2018-4131: Andreas Hegenberg of folivora.AI GmbH Additional recognition WebKit We would like to acknowledge Johnny Nipper of Tinder Security Team for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "11.3". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlopHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbhLRAA to9k0U/CI3PfYp2o2lluS7LgE3jvA7+pXvdjbvoh14BFHf9Wv+yhdtyLQEDSne+0 TM8BkiMgEmo+uKKcVFCDeV9GrkWqO7ocBfT65hj4A/vxPAS6xlBTV9mjZXiqvSWs +Cbb4Nd53o6m2QRORkjNVZ2h0ow53J5RirnyzjWt4LMdCpc4jMG87OCuQheKzjxq g6gOlwblVrRxH6aMX5if/SetGGxzZeY5sKwe1Xhz6yIYsm1Gw45REt3FJs4KEh5Z oL+yWVvaGLOPDzC+DBX0dXJmsqLx9wzDJsqQ2J6Mb/nh1Tgh6NDdHkDCAZ7P6CeU 0IpXK7aaPkRy5GUbkAdzdPEFql9e0/jGlqMf/rZlNTItbgtn0+9e2zsJ0UPPRcWi +7IQygkXnXmYUZ0wrh/Wdye/jAJZpLdsUuWr1RalTdmDASU/tzgpoglf3EyTQoRy IqFGRSe6+no8Pw1qCLUvZz8C6dTKvE+Jv5oe9XbCEjsvpRmQZK64FiQ0HIaAMHKo Rl9OY6+evzyqdAtivE4AFCRT7Z15pktFYAVefWkdVFbVU2mCYF+peXIq6tGg4o+g 70E29XaDZBakcVho9bW4e2rDA+m606ILuZ4AyjEEvfRYH+d+WTvDqdIywq0V7grj qlU787sRw/tVx646jcHVqbYZEgZVmeAvcT8C2c0Zhvo= =RJi8 -----END PGP SIGNATURE----- . Installation note: Safari 11.1 may be obtained from the Mac App Store

Trust: 2.43

sources: NVD: CVE-2018-4121 // JVNDB: JVNDB-2018-003704 // VULHUB: VHN-134152 // VULMON: CVE-2018-4121 // PACKETSTORM: 149059 // PACKETSTORM: 146965 // PACKETSTORM: 146964 // PACKETSTORM: 146966 // PACKETSTORM: 146969 // PACKETSTORM: 146970 // PACKETSTORM: 146971

AFFECTED PRODUCTS

vendor:applemodel:watchosscope:ltversion:4.3

Trust: 1.0

vendor:applemodel:safariscope:ltversion:11.1

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:11.3

Trust: 1.0

vendor:applemodel:icloudscope:ltversion:7.4

Trust: 1.0

vendor:applemodel:itunesscope:ltversion:12.7.4

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:11.3

Trust: 1.0

vendor:applemodel:icloudscope:ltversion:7.4 (windows 7 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:11.3 (ipad air or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:11.3 (iphone 5s or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:11.3 (ipod touch first 6 generation )

Trust: 0.8

vendor:applemodel:itunesscope:ltversion:for windows 12.7.4 ( target os : windows 7 or later )

Trust: 0.8

vendor:applemodel:safariscope:ltversion:11.1 (macos high sierra 10.13.4)

Trust: 0.8

vendor:applemodel:safariscope:ltversion:11.1 (macos sierra 10.12.6)

Trust: 0.8

vendor:applemodel:safariscope:ltversion:11.1 (os x el capitan 10.11.6)

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:11.3 (apple tv 4k)

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:11.3 (apple tv first 4 generation )

Trust: 0.8

vendor:applemodel:watchosscope:ltversion:4.3 (apple watch all models )

Trust: 0.8

vendor:applemodel:itunesscope:eqversion:4.6.0

Trust: 0.6

vendor:applemodel:itunesscope:eqversion:4.7.0

Trust: 0.6

vendor:applemodel:itunesscope:eqversion:4.6

Trust: 0.6

vendor:applemodel:itunesscope:eqversion:4.7

Trust: 0.6

vendor:applemodel:itunesscope:eqversion:4.5.0

Trust: 0.6

sources: JVNDB: JVNDB-2018-003704 // CNNVD: CNNVD-201804-184 // NVD: CVE-2018-4121

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-4121
value: HIGH

Trust: 1.0

NVD: CVE-2018-4121
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201804-184
value: HIGH

Trust: 0.6

VULHUB: VHN-134152
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-4121
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-4121
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-134152
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-4121
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-134152 // VULMON: CVE-2018-4121 // JVNDB: JVNDB-2018-003704 // CNNVD: CNNVD-201804-184 // NVD: CVE-2018-4121

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-134152 // JVNDB: JVNDB-2018-003704 // NVD: CVE-2018-4121

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201804-184

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201804-184

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-003704

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-134152 // VULMON: CVE-2018-4121

PATCH

title:HT208697url:https://support.apple.com/en-us/HT208697

Trust: 0.8

title:HT208698url:https://support.apple.com/en-us/HT208698

Trust: 0.8

title:HT208693url:https://support.apple.com/en-us/HT208693

Trust: 0.8

title:HT208694url:https://support.apple.com/en-us/HT208694

Trust: 0.8

title:HT208695url:https://support.apple.com/en-us/HT208695

Trust: 0.8

title:HT208696url:https://support.apple.com/en-us/HT208696

Trust: 0.8

title:HT208693url:https://support.apple.com/ja-jp/HT208693

Trust: 0.8

title:HT208694url:https://support.apple.com/ja-jp/HT208694

Trust: 0.8

title:HT208695url:https://support.apple.com/ja-jp/HT208695

Trust: 0.8

title:HT208696url:https://support.apple.com/ja-jp/HT208696

Trust: 0.8

title:HT208697url:https://support.apple.com/ja-jp/HT208697

Trust: 0.8

title:HT208698url:https://support.apple.com/ja-jp/HT208698

Trust: 0.8

title:Multiple Apple product WebKit Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83036

Trust: 0.6

title:Red Hat: CVE-2018-4121url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2018-4121

Trust: 0.1

title:Apple: Safari 11.1url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=ee3f60ca20e25abaeeaa2929b7de559a

Trust: 0.1

title:Apple: watchOS 4.3url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=0c9672f464c8ecdde98d280637ecb1c5

Trust: 0.1

title:Apple: iCloud for Windows 7.4url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=3c324dcae1b032626ce2245c5900fb36

Trust: 0.1

title:Apple: iTunes 12.7.4 for Windowsurl:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=1b3706ef4ba6948ac20ebbbcffe7bc29

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - October 2018url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=2196fa008592287290cbd6678fbe10d4

Trust: 0.1

title:Apple: tvOS 11.3url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=0eeec7064403af3bc921bd387f797adc

Trust: 0.1

title:Apple: iOS 11.3url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=66db9acd354635a683838e3cd9bc2d76

Trust: 0.1

title:CVE-2018-4121url:https://github.com/mwrlabs/CVE-2018-4121

Trust: 0.1

title:jdong-learning-resourcesurl:https://github.com/joydo/jdong-learning-resources

Trust: 0.1

title:WebAssemblyCVEurl:https://github.com/sleicasper/WebAssemblyCVE

Trust: 0.1

title:Exp101tsArchiv30thersurl:https://github.com/nu11secur1ty/Exp101tsArchiv30thers

Trust: 0.1

title:PoC-in-GitHuburl:https://github.com/developer3000S/PoC-in-GitHub

Trust: 0.1

title:awesome-cve-poc_qazbnm456url:https://github.com/xbl3/awesome-cve-poc_qazbnm456

Trust: 0.1

title:PoC-in-GitHuburl:https://github.com/hectorgie/PoC-in-GitHub

Trust: 0.1

title:CVE-POCurl:https://github.com/0xT11/CVE-POC

Trust: 0.1

title:PoC-in-GitHuburl:https://github.com/nomi-sec/PoC-in-GitHub

Trust: 0.1

sources: VULMON: CVE-2018-4121 // JVNDB: JVNDB-2018-003704 // CNNVD: CNNVD-201804-184

EXTERNAL IDS

db:NVDid:CVE-2018-4121

Trust: 3.3

db:EXPLOIT-DBid:44427

Trust: 1.8

db:SECTRACKid:1040604

Trust: 1.8

db:JVNid:JVNVU92378299

Trust: 0.8

db:JVNDBid:JVNDB-2018-003704

Trust: 0.8

db:CNNVDid:CNNVD-201804-184

Trust: 0.6

db:PACKETSTORMid:147518

Trust: 0.1

db:VULHUBid:VHN-134152

Trust: 0.1

db:VULMONid:CVE-2018-4121

Trust: 0.1

db:PACKETSTORMid:149059

Trust: 0.1

db:PACKETSTORMid:146965

Trust: 0.1

db:PACKETSTORMid:146964

Trust: 0.1

db:PACKETSTORMid:146966

Trust: 0.1

db:PACKETSTORMid:146969

Trust: 0.1

db:PACKETSTORMid:146970

Trust: 0.1

db:PACKETSTORMid:146971

Trust: 0.1

sources: VULHUB: VHN-134152 // VULMON: CVE-2018-4121 // JVNDB: JVNDB-2018-003704 // PACKETSTORM: 149059 // PACKETSTORM: 146965 // PACKETSTORM: 146964 // PACKETSTORM: 146966 // PACKETSTORM: 146969 // PACKETSTORM: 146970 // PACKETSTORM: 146971 // CNNVD: CNNVD-201804-184 // NVD: CVE-2018-4121

REFERENCES

url:https://www.exploit-db.com/exploits/44427/

Trust: 1.9

url:https://security.gentoo.org/glsa/201808-04

Trust: 1.9

url:https://github.com/mwrlabs/cve-2018-4121

Trust: 1.9

url:https://support.apple.com/ht208693

Trust: 1.8

url:https://support.apple.com/ht208694

Trust: 1.8

url:https://support.apple.com/ht208695

Trust: 1.8

url:https://support.apple.com/ht208696

Trust: 1.8

url:https://support.apple.com/ht208697

Trust: 1.8

url:https://support.apple.com/ht208698

Trust: 1.8

url:http://www.securitytracker.com/id/1040604

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4121

Trust: 1.5

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4121

Trust: 0.8

url:http://jvn.jp/vu/jvnvu92378299/index.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4114

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2018-4125

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2018-4113

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2018-4122

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2018-4146

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2018-4129

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2018-4101

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2018-4120

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2018-4163

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2018-4127

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2018-4162

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2018-4128

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2018-4118

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2018-4117

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2018-4119

Trust: 0.6

url:https://support.apple.com/kb/ht201222

Trust: 0.6

url:https://www.apple.com/support/security/pgp/

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2018-4165

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2018-4161

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2018-4144

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2018-4130

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2018-4143

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-4142

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-4115

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-4104

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-4150

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-4133

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-4155

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-4166

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-4167

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-4157

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-4137

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-4121

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4265

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4233

Trust: 0.1

url:https://webkitgtk.org/security/wsa-2018-0003.html

Trust: 0.1

url:https://webkitgtk.org/security/wsa-2018-0004.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4190

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4264

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4232

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4261

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-11713

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4204

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4263

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-11646

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4270

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4214

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-12293

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-12294

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4262

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4284

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4266

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4273

Trust: 0.1

url:https://webkitgtk.org/security/wsa-2018-0006.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4192

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4201

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4222

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4267

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4272

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4200

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4199

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-11712

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4278

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://webkitgtk.org/security/wsa-2018-0005.html

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4218

Trust: 0.1

url:https://support.apple.com/kb/ht204641

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4158

Trust: 0.1

url:https://www.apple.com/itunes/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4123

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4149

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4110

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4134

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4140

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4131

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4102

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4116

Trust: 0.1

url:https://www.apple.com/itunes/download/

Trust: 0.1

url:https://support.apple.com/ht204283

Trust: 0.1

sources: VULHUB: VHN-134152 // VULMON: CVE-2018-4121 // JVNDB: JVNDB-2018-003704 // PACKETSTORM: 149059 // PACKETSTORM: 146965 // PACKETSTORM: 146964 // PACKETSTORM: 146966 // PACKETSTORM: 146969 // PACKETSTORM: 146970 // PACKETSTORM: 146971 // CNNVD: CNNVD-201804-184 // NVD: CVE-2018-4121

CREDITS

Apple

Trust: 0.6

sources: PACKETSTORM: 146965 // PACKETSTORM: 146964 // PACKETSTORM: 146966 // PACKETSTORM: 146969 // PACKETSTORM: 146970 // PACKETSTORM: 146971

SOURCES

db:VULHUBid:VHN-134152
db:VULMONid:CVE-2018-4121
db:JVNDBid:JVNDB-2018-003704
db:PACKETSTORMid:149059
db:PACKETSTORMid:146965
db:PACKETSTORMid:146964
db:PACKETSTORMid:146966
db:PACKETSTORMid:146969
db:PACKETSTORMid:146970
db:PACKETSTORMid:146971
db:CNNVDid:CNNVD-201804-184
db:NVDid:CVE-2018-4121

LAST UPDATE DATE

2024-11-24T20:15:34.684000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-134152date:2019-03-08T00:00:00
db:VULMONid:CVE-2018-4121date:2019-03-08T00:00:00
db:JVNDBid:JVNDB-2018-003704date:2018-06-01T00:00:00
db:CNNVDid:CNNVD-201804-184date:2019-03-13T00:00:00
db:NVDid:CVE-2018-4121date:2024-11-21T04:06:48.380

SOURCES RELEASE DATE

db:VULHUBid:VHN-134152date:2018-04-03T00:00:00
db:VULMONid:CVE-2018-4121date:2018-04-03T00:00:00
db:JVNDBid:JVNDB-2018-003704date:2018-06-01T00:00:00
db:PACKETSTORMid:149059date:2018-08-23T18:40:24
db:PACKETSTORMid:146965date:2018-03-30T15:52:32
db:PACKETSTORMid:146964date:2018-03-30T15:52:10
db:PACKETSTORMid:146966date:2018-03-30T15:52:53
db:PACKETSTORMid:146969date:2018-03-30T15:55:24
db:PACKETSTORMid:146970date:2018-03-30T15:55:41
db:PACKETSTORMid:146971date:2018-03-30T15:56:03
db:CNNVDid:CNNVD-201804-184date:2018-04-03T00:00:00
db:NVDid:CVE-2018-4121date:2018-04-03T06:29:05.250