Vulnerability CVE-2018-4209


Published: 2019-01-11

Description:
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.

Type:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Canonical -> Ubuntu linux 
Apple -> Apple tv 
Apple -> Icloud 
Apple -> Itunes 
Apple -> Safari 
Apple -> Iphone os 
Apple -> Watchos 
Apple -> TVOS 

 References:
https://security.gentoo.org/glsa/201812-04
https://support.apple.com/en-us/HT208693
https://support.apple.com/en-us/HT208695
https://support.apple.com/en-us/HT208696
https://support.apple.com/en-us/HT208697
https://support.apple.com/en-us/HT208698
https://support.apple.com/HT208693
,
https://support.apple.com/HT208694
https://support.apple.com/HT208695
,
https://support.apple.com/HT208696
,
https://support.apple.com/HT208697
,
https://support.apple.com/HT208698
,
https://usn.ubuntu.com/3781-1/

Copyright 2024, cxsecurity.com

 

Back to Top