Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2018-4277

Published: 11/01/2019 Updated: 23/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

In iOS prior to 11.4.1, watchOS prior to 4.3.2, tvOS prior to 11.4.1, Safari prior to 11.1.1, macOS High Sierra prior to 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple safari

apple iphone os

apple watchos

apple mac os x

apple tvos

Mailing Lists

Full Disclosure: APPLE-SA-2018-10-30-14 Additional information for APPLE-SA-2018-7-9-4 macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-14 Additional information for APPLE-SA-2018-7-9-4 macOS High Sierra 10136, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan macOS High Sierra 10136, Security Update 2018-004 Sierra, and Security Update 2018-004 El Capitan address the following: AMD Availa ...
Full Disclosure: APPLE-SA-2018-7-9-4 macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-4 macOS High Sierra 10136, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan macOS High Sierra 10136, Security Update 2018-004 Sierra, and Security Update 2018-004 El Capitan are now available and address the following: AMD Available for: macOS High Sierra 1 ...
Full Disclosure: APPLE-SA-2018-7-9-2 watchOS 4.3.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-2 watchOS 432 watchOS 432 is now available and addresses the following: CFNetwork Available for: All Apple Watch models Impact: Cookies may unexpectedly persist in Safari Description: A cookie management issue was addressed with improved checks CVE-2018-4293: an anonymous res ...
Full Disclosure: APPLE-SA-2018-7-9-1 iOS 11.4.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-1 iOS 1141 iOS 1141 is now available and addresses the following: CFNetwork Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation Impact: Cookies may unexpectedly persist in Safari Description: A cookie management issue was addressed with improv ...
Full Disclosure: APPLE-SA-2018-7-23-1 Additional information for APPLE-SA-2018-7-9-4 macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-23-1 Additional information for APPLE-SA-2018-7-9-4 macOS High Sierra 10136, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan macOS High Sierra 10136, Security Update 2018-004 Sierra, and Security Update 2018-004 El Capitan address the following: AMD Availabl ...
Full Disclosure: APPLE-SA-2018-7-9-3 tvOS 11.4.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-3 tvOS 1141 tvOS 1141 is now available and addresses the following: CFNetwork Available for: Apple TV 4K and Apple TV (4th generation) Impact: Cookies may unexpectedly persist in Safari Description: A cookie management issue was addressed with improved checks CVE-2018-4293: a ...

References

CWE-20https://support.apple.com/HT208937http://www.securitytracker.com/id/1041232https://support.apple.com/HT208854https://support.apple.com/HT208936https://support.apple.com/HT208935https://support.apple.com/HT208938https://nvd.nist.govhttp://seclists.org/fulldisclosure/2018/Nov/20
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusionCVE-2023-38506CVE-2024-37198CVE-2023-45197CVE-2024-38621CVE-2024-30103elevation of privilegeCVE-2024-0044IMAP
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook