Vulnerability CVE-2018-4208
Published: 2019-01-11

Description:
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.

Type:

CWE-20

 (Improper Input Validation)

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Webkitgtk -> Webkitgtk+ 
Canonical -> Ubuntu linux 
Apple -> Apple tv 
Apple -> Icloud 
Apple -> Itunes 
Apple -> Safari 
Apple -> Iphone os 
Apple -> Watchos 
Apple -> TVOS 

 References:
https://security.gentoo.org/glsa/201812-04
https://support.apple.com/HT208693
,
https://support.apple.com/HT208694
,
https://support.apple.com/HT208695
,
https://support.apple.com/HT208696
https://support.apple.com/HT208697
,
https://support.apple.com/HT208698
,
https://usn.ubuntu.com/3781-1/
Copyright 2024, cxsecurity.com

 

Back to Top