Published: 08/06/2018 Updated: 03/10/2019

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

An issue exists in certain Apple products. iOS prior to 11.4 is affected. macOS prior to 10.13.5 is affected. The issue involves the "Mail" component. It allows remote malicious users to read the cleartext content of S/MIME encrypted messages via direct exfiltration.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple mac os x
apple iphone os

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-23-3 Additional information for APPLE-SA-2018-06-01-4 iOS 114 iOS 114 addresses the following: Bluetooth Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: A malicious application may be able to elevate privileges Description: A buffer ov ...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-23-2 Additional information for APPLE-SA-2018-06-01-1 macOS High Sierra 10135, Security Update 2018-003 Sierra, Security Update 2018-003 El Capitan macOS High Sierra 10135, Security Update 2018-003 Sierra, and Security Update 2018-003 El Capitan address the following: Accessibil ...

CWE-319 https://support.apple.com/HT208849 https://support.apple.com/HT208848 https://efail.de/#cve http://www.securitytracker.com/id/1041027 http://www.securityfocus.com/bid/104897 https://nvd.nist.gov http://seclists.org/fulldisclosure/2018/Jul/81

CVE-2018-4227

Vulnerability Summary

Mailing Lists

References

Vulmon Search

About

Products

Connect