ID

VAR-201904-1414


CVE

CVE-2018-4323


TITLE

plural Apple Memory corruption vulnerability in products

Trust: 0.8

sources: JVNDB: JVNDB-2018-014879

DESCRIPTION

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Apple Safari, etc. are all products of Apple (Apple). Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. WebKit is one of the web browser engine components. A buffer error vulnerability exists in the WebKit component of several Apple products. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-8 Additional information for APPLE-SA-2018-9-24-4 iOS 12 iOS 12 addresses the following: Accounts Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local app may be able to read a persistent account identifier Description: This issue was addressed with improved entitlements. CVE-2018-4322: Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. Auto Unlock Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to access local users AppleIDs Description: A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. CVE-2018-4321: Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. Bluetooth Available for: iPhone SE, iPhone 6s, iPhone 6s Plus, iPhone 7, iPhone 7 Plus, iPad Mini 4, 12.9-inch iPad Pro 1st generation, 12.9-inch iPad Pro 2nd generation, 10.5-inch iPad Pro, 9.7-inch iPad Pro, iPad 5th generation, and iPod Touch 6th generation Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. CVE-2018-5383: Lior Neumann and Eli Biham CFNetwork Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4126: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative Entry added October 30, 2018 CoreFoundation Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4412: The UK's National Cyber Security Centre (NCSC) Entry added October 30, 2018 CoreFoundation Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4414: The UK's National Cyber Security Centre (NCSC) Entry added October 30, 2018 CoreMedia Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An app may be able to learn information about the current camera view before being granted camera access Description: A permissions issue existed. This issue was addressed with improved permission validation. CVE-2018-4356: an anonymous researcher CoreText Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2018-4347: an anonymous researcher Entry added October 30, 2018 Crash Reporter Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4333: Brandon Azad Grand Central Dispatch Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4426: Brandon Azad Entry added October 30, 2018 Heimdal Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4331: Brandon Azad CVE-2018-4332: Brandon Azad CVE-2018-4343: Brandon Azad Entry added October 30, 2018 iBooks Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information Description: A configuration issue was addressed with additional restrictions. CVE-2018-4355: evi1m0 of bilibili security team Entry added October 30, 2018 IOHIDFamily Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation CVE-2018-4408: Ian Beer of Google Project Zero Entry added October 30, 2018 IOKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to break out of its sandbox Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4341: Ian Beer of Google Project Zero CVE-2018-4354: Ian Beer of Google Project Zero Entry added October 30, 2018 IOKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2018-4383: Apple Entry added October 30, 2018 IOMobileFrameBuffer Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4335: Brandon Azad IOUserEthernet Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4401: Apple Entry added October 30, 2018 iTunes Store Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to spoof password prompts in the iTunes Store Description: An input validation issue was addressed with improved input validation. CVE-2018-4305: Jerry Decime Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to leak sensitive user information Description: An access issue existed with privileged API calls. This issue was addressed with additional restrictions. CVE-2018-4399: Fabiano Anemone (@anoane) Entry added October 30, 2018 Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: An input validation issue existed in the kernel. This issue was addressed with improved input validation. CVE-2018-4363: Ian Beer of Google Project Zero Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: A memory corruption issue was addressed with improved validation. CVE-2018-4407: Kevin Backhouse of Semmle Ltd. Entry added October 30, 2018 Kernel Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4336: Brandon Azad CVE-2018-4337: Ian Beer of Google Project Zero CVE-2018-4340: Mohamed Ghannam (@_simo36) CVE-2018-4344: The UK's National Cyber Security Centre (NCSC) CVE-2018-4425: cc working with Trend Micro's Zero Day Initiative, Juwei Lin (@panicaII) of Trend Micro working with Trend Micro's Zero Day Initiative Entry added October 30, 2018 mDNSOffloadUserClient Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4326: an anonymous researcher working with Trend Micro's Zero Day Initiative, Zhuo Liang of Qihoo 360 Nirvan Team Entry added October 30, 2018 MediaRemote Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions. CVE-2018-4310: CodeColorist of Ant-Financial LightYear Labs Entry added October 30, 2018 Messages Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to discover a user's deleted messages Description: A consistency issue existed in the handling of application snapshots. CVE-2018-4313: 11 anonymous researchers, David Scott, Enes Mert Ulu of Abdullah MA1/4rAide AzA1/4nenek Anadolu Lisesi - Ankara/TA1/4rkiye, Mehmet Ferit DaAtan of Van YA1/4zA1/4ncA1/4 YA+-l University, Metin Altug Karakaya of Kaliptus Medical Organization, Vinodh Swami of Western Governor's University (WGU) Notes Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to discover a user's deleted notes Description: A consistency issue existed in the handling of application snapshots. CVE-2018-4352: Utku Altinkaynak Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to discover websites a user has visited Description: A consistency issue existed in the handling of application snapshots. CVE-2018-4313: 11 anonymous researchers, David Scott, Enes Mert Ulu of Abdullah MA1/4rAide AzA1/4nenek Anadolu Lisesi - Ankara/TA1/4rkiye, Mehmet Ferit DaAtan of Van YA1/4zA1/4ncA1/4 YA+-l University, Metin Altug Karakaya of Kaliptus Medical Organization, Vinodh Swami of Western Governor's University (WGU) Safari Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A user may be unable to delete browsing history items Description: Clearing a history item may not clear visits with redirect chains. The issue was addressed with improved data deletion. CVE-2018-4329: Hugo S. Diaz (coldpointblue) SafariViewController Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4362: Jun Kokatsu (@shhnjk) Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to exfiltrate autofilled data in Safari Description: A logic issue was addressed with improved state management. CVE-2018-4307: Rafay Baloch of Pakistan Telecommunications Authority Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A local user may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2018-4395: Patrick Wardle of Digita Security Entry added October 30, 2018 Security Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An attacker may be able to exploit weaknesses in the RC4 cryptographic algorithm Description: This issue was addressed by removing RC4. CVE-2016-1777: Pepi Zawodsky Status Bar Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A person with physical access to an iOS device may be able to determine the last used app from the lock screen Description: A logic issue was addressed with improved restrictions. CVE-2018-4325: Brian Adeloye Symptom Framework Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2018-4203: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative Entry added October 30, 2018 Text Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing a maliciously crafted text file may lead to a denial of service Description: A denial of service issue was addressed with improved validation. CVE-2018-4304: jianan.huang (@Sevck) Entry added October 30, 2018 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2018-4316: crixer, Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4299: Samuel GroI2 (saelo) working with Trend Micro's Zero Day Initiative CVE-2018-4323: Ivan Fratric of Google Project Zero CVE-2018-4328: Ivan Fratric of Google Project Zero CVE-2018-4358: @phoenhex team (@bkth_ @5aelo @_niklasb) working with Trend Micro's Zero Day Initiative CVE-2018-4359: Samuel GroA (@5aelo) CVE-2018-4360: William Bowling (@wcbowling) Entry added October 30, 2018 WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may cause unexepected cross-origin behavior Description: A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. CVE-2018-4319: John Pettitt of Google WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2018-4197: Ivan Fratric of Google Project Zero CVE-2018-4306: Ivan Fratric of Google Project Zero CVE-2018-4312: Ivan Fratric of Google Project Zero CVE-2018-4314: Ivan Fratric of Google Project Zero CVE-2018-4315: Ivan Fratric of Google Project Zero CVE-2018-4317: Ivan Fratric of Google Project Zero CVE-2018-4318: Ivan Fratric of Google Project Zero WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may exfiltrate image data cross-origin Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. CVE-2018-4345: an anonymous researcher WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Unexpected interaction causes an ASSERT failure Description: A memory corruption issue was addressed with improved validation. CVE-2018-4191: found by OSS-Fuzz WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Cross-origin SecurityErrors includes the accessed frame's origin Description: The issue was addressed by removing origin information. CVE-2018-4311: Erling Alf Ellingsen (@steike) WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious website may be able to execute scripts in the context of another website Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. CVE-2018-4309: an anonymous researcher working with Trend Micro's Zero Day Initiative WebKit Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Unexpected interaction causes an ASSERT failure Description: A memory consumption issue was addressed with improved memory handling. CVE-2018-4361: found by OSS-Fuzz Additional recognition APFS We would like to acknowledge Umang Raghuvanshi for their assistance. Assets We would like to acknowledge Brandon Azad for their assistance. configd We would like to acknowledge Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH for their assistance. Core Data We would like to acknowledge Andreas Kurtz (@aykay) of NESO Security Labs GmbH for their assistance. CoreSymbolication We would like to acknowledge Brandon Azad for their assistance. Exchange ActiveSync We would like to acknowledge Jesse Thompson of University of Wisconsin-Madison for their assistance. Feedback Assistant We would like to acknowledge Marco Grassi (@marcograss) of KeenLab (@keen_lab) Tencent working with Trend Micro's Zero Day Initiative for their assistance. Kernel We would like to acknowledge Brandon Azad for their assistance. Mail We would like to acknowledge Alessandro Avagliano of Rocket Internet SE, Gunnar Diepenbruck, and Zbyszek A>>A3Akiewski for their assistance. MediaRemote We would like to acknowledge Brandon Azad for their assistance. Quick Look We would like to acknowledge lokihardt of Google Project Zero for their assistance. Safari We would like to acknowledge Marcel Manz of SIMM-Comm GmbH and Vlad Galbin for their assistance. Sandbox Profiles We would like to acknowledge Tencent Keen Security Lab working with Trend Micro's Zero Day Initiative for their assistance. Security We would like to acknowledge Christoph Sinai, Daniel Dudek (@dannysapples) of The Irish Times and Filip KlubiAka (@lemoncloak) of ADAPT Centre, Dublin Institute of Technology, Istvan Csanady of Shapr3D, Omar Barkawi of ITG Software, Inc., Phil Caleno, Wilson Ding, and an anonymous researcher for their assistance. SQLite We would like to acknowledge Andreas Kurtz (@aykay) of NESO Security Labs GmbH for their assistance. Status Bar We would like to acknowledge Ju Zhu of Meituan and Moony Li and Lilang Wu of Trend Micro for their assistance. WebKit We would like to acknowledge Cary Hartline, Hanming Zhang from 360 Vuclan team, Tencent Keen Security Lab working with Trend Micro's Zero Day Initiative, and Zach Malone of CA Technologies for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 12". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgYpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HbuA// ZOEwXUyLVS3SqfEjU3MRUoTp1x+Ow+fd5co9B6v7bY+Ebc2KmSZjpPuNPjouRHmf RbWpZ0Mc52NYm+OdYqPu/Tg94wRi6tlrYusk6GngVH4IBER4TqiFrLNSzAjXL0xP qWv3JQcAIFNbNWpSEzDzEbuq85q4BIuP/+v2LpTc1ZWqIYt9TQHxUpyjoTXZvQhL 8L9ZM/dj8BC+m713LeC/KzveaDpaqnVJUDbgUkzRyFfFqOJt+hlaTS8yMUM3G+TX cblL8bvFNIxtUrt4Rf2TwDRVxUZIw/aFK2APmxVZ44UAT+2o+WFxBkHRXQiZc4Lk OaTzzkocdZu4q4MibrxELBWtW46AcGMqQKUpFZ6GR+4U2c1ICRwKnjQTn0iY7mg7 d+M+bTx8T2knwV7lSwvnHz79rysvOuCF3QCAZ4tW4PvLHWSZ0TpJho8z23PLHFQd J3cOYPby6SM9YP6SBISX5OI8xnvr1XIAPIBnOy0ScaMFsu0Er8j1hvbF1fXiaYOJ CSUUXR2th3jPW0g9L0j4vWGURG1h0psIN2MxTSHbmm4KXBAYngZ0wDOeJMUe8YMy IG0UBDqKNh8lzKHcc4aYA1WyaNsqbgbngBqDATp/XyWRzd+Py/U06MVuIaV095Rv s9WW67M1kLHy4BeutXt+xLBp9AugI+gU53uysxcnBx4= =dGPm -----END PGP SIGNATURE----- . Installation note: Safari 12 may be obtained from the Mac App Store

Trust: 2.52

sources: NVD: CVE-2018-4323 // JVNDB: JVNDB-2018-014879 // VULHUB: VHN-134354 // VULMON: CVE-2018-4323 // PACKETSTORM: 150119 // PACKETSTORM: 150115 // PACKETSTORM: 149514 // PACKETSTORM: 150114 // PACKETSTORM: 149511 // PACKETSTORM: 150117 // PACKETSTORM: 149513 // PACKETSTORM: 149722

AFFECTED PRODUCTS

vendor:applemodel:safariscope:ltversion:12

Trust: 1.0

vendor:applemodel:icloudscope:ltversion:7.7

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:12.0

Trust: 1.0

vendor:applemodel:itunesscope:ltversion:12.9

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:12

Trust: 1.0

vendor:applemodel:icloudscope:ltversion:for windows 7.7 (windows 7 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:12 (ipad air or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:12 (iphone 5s or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:12 (ipod touch first 6 generation )

Trust: 0.8

vendor:applemodel:itunesscope:ltversion:for windows 12.9 (windows 7 or later )

Trust: 0.8

vendor:applemodel:safariscope:ltversion:12 (macos high sierra 10.13.6)

Trust: 0.8

vendor:applemodel:safariscope:ltversion:12 (macos mojave 10.14)

Trust: 0.8

vendor:applemodel:safariscope:ltversion:12 (macos sierra 10.12.6)

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:12 (apple tv 4k)

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:12 (apple tv first 4 generation )

Trust: 0.8

sources: JVNDB: JVNDB-2018-014879 // NVD: CVE-2018-4323

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-4323
value: HIGH

Trust: 1.0

NVD: CVE-2018-4323
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201809-1158
value: HIGH

Trust: 0.6

VULHUB: VHN-134354
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-4323
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-4323
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-134354
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-4323
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-134354 // VULMON: CVE-2018-4323 // JVNDB: JVNDB-2018-014879 // CNNVD: CNNVD-201809-1158 // NVD: CVE-2018-4323

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-134354 // JVNDB: JVNDB-2018-014879 // NVD: CVE-2018-4323

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201809-1158

TYPE

code execution

Trust: 0.6

sources: PACKETSTORM: 150119 // PACKETSTORM: 150115 // PACKETSTORM: 150114 // PACKETSTORM: 149511 // PACKETSTORM: 150117 // PACKETSTORM: 149722

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-014879

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-134354 // VULMON: CVE-2018-4323

PATCH

title:HT209141url:https://support.apple.com/en-us/HT209141

Trust: 0.8

title:HT209106url:https://support.apple.com/en-us/HT209106

Trust: 0.8

title:HT209107url:https://support.apple.com/en-us/HT209107

Trust: 0.8

title:HT209109url:https://support.apple.com/en-us/HT209109

Trust: 0.8

title:HT209140url:https://support.apple.com/en-us/HT209140

Trust: 0.8

title:HT209106url:https://support.apple.com/ja-jp/HT209106

Trust: 0.8

title:HT209140url:https://support.apple.com/ja-jp/HT209140

Trust: 0.8

title:HT209141url:https://support.apple.com/ja-jp/HT209141

Trust: 0.8

title:HT209107url:https://support.apple.com/ja-jp/HT209107

Trust: 0.8

title:HT209109url:https://support.apple.com/ja-jp/HT209109

Trust: 0.8

title:Multiple Apple product WebKit Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85192

Trust: 0.6

title:Ubuntu Security Notice: webkit2gtk vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3781-1

Trust: 0.1

title:domatourl:https://github.com/googleprojectzero/domato

Trust: 0.1

title:BleepingComputerurl:https://www.bleepingcomputer.com/news/security/apple-releases-security-updates-for-ios-and-icloud-fixes-passcode-bypass/

Trust: 0.1

sources: VULMON: CVE-2018-4323 // JVNDB: JVNDB-2018-014879 // CNNVD: CNNVD-201809-1158

EXTERNAL IDS

db:NVDid:CVE-2018-4323

Trust: 3.4

db:JVNid:JVNVU92800088

Trust: 0.8

db:JVNid:JVNVU93341447

Trust: 0.8

db:JVNDBid:JVNDB-2018-014879

Trust: 0.8

db:CNNVDid:CNNVD-201809-1158

Trust: 0.7

db:EXPLOIT-DBid:45484

Trust: 0.2

db:PACKETSTORMid:149554

Trust: 0.1

db:VULHUBid:VHN-134354

Trust: 0.1

db:VULMONid:CVE-2018-4323

Trust: 0.1

db:PACKETSTORMid:150119

Trust: 0.1

db:PACKETSTORMid:150115

Trust: 0.1

db:PACKETSTORMid:149514

Trust: 0.1

db:PACKETSTORMid:150114

Trust: 0.1

db:PACKETSTORMid:149511

Trust: 0.1

db:PACKETSTORMid:150117

Trust: 0.1

db:PACKETSTORMid:149513

Trust: 0.1

db:PACKETSTORMid:149722

Trust: 0.1

sources: VULHUB: VHN-134354 // VULMON: CVE-2018-4323 // JVNDB: JVNDB-2018-014879 // PACKETSTORM: 150119 // PACKETSTORM: 150115 // PACKETSTORM: 149514 // PACKETSTORM: 150114 // PACKETSTORM: 149511 // PACKETSTORM: 150117 // PACKETSTORM: 149513 // PACKETSTORM: 149722 // CNNVD: CNNVD-201809-1158 // NVD: CVE-2018-4323

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2018-4323

Trust: 2.2

url:https://support.apple.com/kb/ht209106

Trust: 1.8

url:https://support.apple.com/kb/ht209107

Trust: 1.8

url:https://support.apple.com/kb/ht209109

Trust: 1.8

url:https://support.apple.com/kb/ht209140

Trust: 1.8

url:https://support.apple.com/kb/ht209141

Trust: 1.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4323

Trust: 0.8

url:http://jvn.jp/vu/jvnvu93341447/index.html

Trust: 0.8

url:http://jvn.jp/vu/jvnvu92800088/index.html

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4318

Trust: 0.8

url:https://support.apple.com/kb/ht201222

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4191

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4309

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4315

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4197

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4316

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4317

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4306

Trust: 0.8

url:https://www.apple.com/support/security/pgp/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4312

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4328

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4314

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4299

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4319

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2018-4311

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2018-4361

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2018-4345

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2018-4359

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2018-4358

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2018-4126

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2018-4305

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-4313

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-1777

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-4321

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-4360

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-4307

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-4329

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-4203

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-4336

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-4344

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-4304

Trust: 0.2

url:https://support.apple.com/ht204283

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-4412

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-4414

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-4347

Trust: 0.2

url:https://www.apple.com/itunes/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-4322

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-4325

Trust: 0.2

url:https://www.apple.com/itunes/download/

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://www.exploit-db.com/exploits/45484/

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://usn.ubuntu.com/3781-1/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4332

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4343

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4340

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4331

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4341

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4337

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4338

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4335

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4333

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4326

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4310

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-4195

Trust: 0.1

url:https://www.tencent.com)

Trust: 0.1

sources: VULHUB: VHN-134354 // VULMON: CVE-2018-4323 // JVNDB: JVNDB-2018-014879 // PACKETSTORM: 150119 // PACKETSTORM: 150115 // PACKETSTORM: 149514 // PACKETSTORM: 150114 // PACKETSTORM: 149511 // PACKETSTORM: 150117 // PACKETSTORM: 149513 // PACKETSTORM: 149722 // CNNVD: CNNVD-201809-1158 // NVD: CVE-2018-4323

CREDITS

Apple

Trust: 0.8

sources: PACKETSTORM: 150119 // PACKETSTORM: 150115 // PACKETSTORM: 149514 // PACKETSTORM: 150114 // PACKETSTORM: 149511 // PACKETSTORM: 150117 // PACKETSTORM: 149513 // PACKETSTORM: 149722

SOURCES

db:VULHUBid:VHN-134354
db:VULMONid:CVE-2018-4323
db:JVNDBid:JVNDB-2018-014879
db:PACKETSTORMid:150119
db:PACKETSTORMid:150115
db:PACKETSTORMid:149514
db:PACKETSTORMid:150114
db:PACKETSTORMid:149511
db:PACKETSTORMid:150117
db:PACKETSTORMid:149513
db:PACKETSTORMid:149722
db:CNNVDid:CNNVD-201809-1158
db:NVDid:CVE-2018-4323

LAST UPDATE DATE

2024-11-23T21:01:41.989000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-134354date:2019-04-04T00:00:00
db:VULMONid:CVE-2018-4323date:2019-04-04T00:00:00
db:JVNDBid:JVNDB-2018-014879date:2019-04-17T00:00:00
db:CNNVDid:CNNVD-201809-1158date:2019-04-09T00:00:00
db:NVDid:CVE-2018-4323date:2024-11-21T04:07:11.650

SOURCES RELEASE DATE

db:VULHUBid:VHN-134354date:2019-04-03T00:00:00
db:VULMONid:CVE-2018-4323date:2019-04-03T00:00:00
db:JVNDBid:JVNDB-2018-014879date:2019-04-17T00:00:00
db:PACKETSTORMid:150119date:2018-10-31T16:17:40
db:PACKETSTORMid:150115date:2018-10-31T16:10:39
db:PACKETSTORMid:149514date:2018-09-25T16:28:22
db:PACKETSTORMid:150114date:2018-10-31T16:10:29
db:PACKETSTORMid:149511date:2018-09-25T16:20:49
db:PACKETSTORMid:150117date:2018-10-31T16:10:59
db:PACKETSTORMid:149513date:2018-09-25T16:25:47
db:PACKETSTORMid:149722date:2018-10-09T16:58:43
db:CNNVDid:CNNVD-201809-1158date:2018-09-27T00:00:00
db:NVDid:CVE-2018-4323date:2019-04-03T18:29:07.800