Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2018-4262

Published: 11/01/2019 Updated: 07/11/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

In Safari prior to 11.1.2, iTunes prior to 12.8 for Windows, iOS prior to 11.4.1, tvOS prior to 11.4.1, iCloud for Windows prior to 7.6, multiple memory corruption issues were addressed with improved memory handling.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple iphone os

apple safari

apple watchos

apple tvos

apple icloud

apple itunes

canonical ubuntu linux 16.04

canonical ubuntu linux 18.04

Vendor Advisories

Ubuntu Security Notice: webkit2gtk vulnerabilities
Several security issues were fixed in WebKitGTK+ ...

Mailing Lists

Full Disclosure: APPLE-SA-2018-7-9-6 iCloud for Windows 7.6
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-6 iCloud for Windows 76 iCloud for Windows 76 is now available and addresses the following: CFNetwork Available for: Windows 7 and later Impact: Cookies may unexpectedly persist in Safari Description: A cookie management issue was addressed with improved checks CVE-2018-4293: a ...
Full Disclosure: APPLE-SA-2018-7-9-7 iTunes 12.8 for Windows
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-7 iTunes 128 for Windows iTunes 128 for Windows is now available and addresses the following: CFNetwork Available for: Windows 7 and later Impact: Cookies may unexpectedly persist in Safari Description: A cookie management issue was addressed with improved checks CVE-2018-4293: ...
Full Disclosure: APPLE-SA-2018-7-9-2 watchOS 4.3.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-2 watchOS 432 watchOS 432 is now available and addresses the following: CFNetwork Available for: All Apple Watch models Impact: Cookies may unexpectedly persist in Safari Description: A cookie management issue was addressed with improved checks CVE-2018-4293: an anonymous res ...
Full Disclosure: APPLE-SA-2018-7-9-1 iOS 11.4.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-1 iOS 1141 iOS 1141 is now available and addresses the following: CFNetwork Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Cookies may unexpectedly persist in Safari Description: A cookie management issue was addressed with improv ...
Full Disclosure: APPLE-SA-2018-7-9-5 Safari 11.1.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-5 Safari 1112 Safari 1112 is now available and addresses the following: Safari Available for: OS X El Capitan 10116, macOS Sierra 10126, and macOS High Sierra 10136 Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user in ...
Full Disclosure: APPLE-SA-2018-7-9-3 tvOS 11.4.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-3 tvOS 1141 tvOS 1141 is now available and addresses the following: CFNetwork Available for: Apple TV 4K and Apple TV (4th generation) Impact: Cookies may unexpectedly persist in Safari Description: A cookie management issue was addressed with improved checks CVE-2018-4293: a ...

Github Repositories

https://github.com/blacktop/docker-webkit

Dockerized WebKit Dev/Research Environment

docker-webkit Dockerized WebKit Dev/Research Environment Dependencies ubuntu:bionic Image Tags $ docker images REPOSITORY TAG SIZE blacktop/webkit latest 946MB blacktop/webkit jsc 946MB blacktop/webkit minibrowser 946MB blacktop/webkit snapshot

References

CWE-119https://support.apple.com/HT208935https://usn.ubuntu.com/3743-1/https://security.gentoo.org/glsa/201808-04http://www.securitytracker.com/id/1041232https://support.apple.com/HT208934%2Chttps://support.apple.com/HT208938%2Chttps://nvd.nist.govhttps://usn.ubuntu.com/3743-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusionCVE-2023-38506CVE-2024-37198CVE-2023-45197CVE-2024-38621CVE-2024-30103elevation of privilegeCVE-2024-0044IMAP
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook