8.8
CVSSv3

CVE-2018-4386

Published: 03/04/2019 Updated: 08/01/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple safari

apple tvos

apple iphone os

apple watchos

apple itunes

apple icloud

Vendor Advisories

Several security issues were fixed in WebKitGTK+ ...

Exploits

WebKit JSC has an issue where BytecodeGenerator::hoistSloppyModeFunctionIfNecessary does not invalidate the ForInContext object ...
Sony Playstation 4 (PS4) versions prior to 672 webkit code execution proof of concept exploit ...

Mailing Lists

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-3 Safari 1201 Safari 1201 is now available and addresses the following: Safari Reader Available for: macOS Sierra 10126, macOS High Sierra 10136, and macOS Mojave 1014 Impact: Enabling the Safari Reader feature on a maliciously crafted webpage may lead to universal cros ...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-4 watchOS 51 watchOS 51 is now available and addresses the following: AppleAVD Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation C ...

Github Repositories

bad_hoist Exploit implementation of CVE-2018-4386 Obtains addrof/fakeobj and arbitrary read/write primitives Supports PS4 consoles on 6XX May also work on older firmware versions, but I am not sure Bug was fixed in firmware 700