DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2018-4293", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2018-4293", "description": "A cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.", "published": "2019-04-03T18:29:00", "modified": "2019-04-05T14:45:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4293", "reporter": "product-security@apple.com", "references": ["https://support.apple.com/kb/HT208938", "https://support.apple.com/kb/HT208937", "https://support.apple.com/kb/HT208936", "https://support.apple.com/kb/HT208935", "https://support.apple.com/kb/HT208933", "https://support.apple.com/kb/HT208932"], "cvelist": ["CVE-2018-4293"], "immutableFields": [], "lastseen": "2022-03-23T17:33:57", "viewCount": 28, "enchantments": {"dependencies": {"references": [{"type": "apple", "idList": ["APPLE:80F205F5E8A723A8899FE7CE7D761778", "APPLE:8CB247B18F47EA0CF69B5669B06D8473", "APPLE:CCBE145FF9FF633165B1339D00B64FBE", "APPLE:D17905765727DBA1F818A539B231771B", "APPLE:F52BBE9E38D36E50FE361A61D2A33D59", "APPLE:F907B2739AEB3011F5D0E50C8CB626CC", "APPLE:HT208932", "APPLE:HT208933", "APPLE:HT208935", "APPLE:HT208936", "APPLE:HT208937", "APPLE:HT208938"]}, {"type": "kaspersky", "idList": ["KLA11292"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-CFNETWORK-CVE-2018-4293/"]}, {"type": "nessus", "idList": ["700517.PRM", "700551.PRM", "APPLETV_11_4_1.NASL", "APPLE_IOS_1141_CHECK.NBIN", "ITUNES_12_8.NASL", "ITUNES_12_8_BANNER.NASL", "MACOSX_SECUPD2018-004.NASL", "MACOS_10_13_6.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813558", "OPENVAS:1361412562310813559", "OPENVAS:1361412562310813635"]}], "rev": 4}, "score": {"value": 5.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "apple", "idList": ["APPLE:80F205F5E8A723A8899FE7CE7D761778", "APPLE:8CB247B18F47EA0CF69B5669B06D8473", "APPLE:CCBE145FF9FF633165B1339D00B64FBE", "APPLE:D17905765727DBA1F818A539B231771B", "APPLE:F52BBE9E38D36E50FE361A61D2A33D59", "APPLE:F907B2739AEB3011F5D0E50C8CB626CC", "APPLE:HT208932", "APPLE:HT208933", "APPLE:HT208935", "APPLE:HT208936", "APPLE:HT208937", "APPLE:HT208938"]}, {"type": "kaspersky", "idList": ["KLA11292"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-CFNETWORK-CVE-2018-4293/"]}, {"type": "nessus", "idList": ["APPLETV_11_4_1.NASL", "ITUNES_12_8.NASL", "MACOSX_SECUPD2018-004.NASL", "MACOS_10_13_6.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813558", "OPENVAS:1361412562310813559", "OPENVAS:1361412562310813635"]}]}, "exploitation": null, "vulnersScore": 5.3}, "_state": {"dependencies": 0, "score": 0}, "_internal": {}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": [], "cpe23": [], "cwe": ["CWE-20"], "affectedSoftware": [{"cpeName": "apple:mac_os_x", "version": "10.13.6", "operator": "lt", "name": "apple mac os x"}, {"cpeName": "apple:watchos", "version": "4.3.2", "operator": "lt", "name": "apple watchos"}, {"cpeName": "apple:iphone_os", "version": "11.4.1", "operator": "lt", "name": "apple iphone os"}, {"cpeName": "apple:tvos", "version": "11.4.1", "operator": "lt", "name": "apple tvos"}, {"cpeName": "apple:icloud", "version": "7.6", "operator": "lt", "name": "apple icloud"}, {"cpeName": "apple:itunes", "version": "12.8", "operator": "lt", "name": "apple itunes"}], "affectedConfiguration": [{"name": "microsoft windows", "cpeName": "microsoft:windows", "version": "-", "operator": "eq"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.13.6:*:*:*:*:*:*:*", "versionEndExcluding": "10.13.6", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:apple:watchos:4.3.2:*:*:*:*:*:*:*", "versionEndExcluding": "4.3.2", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:apple:iphone_os:11.4.1:*:*:*:*:*:*:*", "versionEndExcluding": "11.4.1", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:apple:tvos:11.4.1:*:*:*:*:*:*:*", "versionEndExcluding": "11.4.1", "cpe_name": []}]}, {"operator": "AND", "children": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:apple:icloud:7.6:*:*:*:*:*:*:*", "versionEndExcluding": "7.6", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:apple:itunes:12.8:*:*:*:*:*:*:*", "versionEndExcluding": "12.8", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": false, "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": []}]}], "cpe_match": []}]}, "extraReferences": [{"url": "https://support.apple.com/kb/HT208938", "name": "https://support.apple.com/kb/HT208938", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/kb/HT208937", "name": "https://support.apple.com/kb/HT208937", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/kb/HT208936", "name": "https://support.apple.com/kb/HT208936", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/kb/HT208935", "name": "https://support.apple.com/kb/HT208935", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/kb/HT208933", "name": "https://support.apple.com/kb/HT208933", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/kb/HT208932", "name": "https://support.apple.com/kb/HT208932", "refsource": "MISC", "tags": ["Vendor Advisory"]}]}

{"openvas": [{"lastseen": "2019-07-17T14:04:18", "description": "This host is installed with Apple Mac OS X\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-07-10T00:00:00", "type": "openvas", "title": "Apple MacOSX Security Updates(HT208937)-02", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-4283", "CVE-2018-4285", "CVE-2018-4277", "CVE-2018-4248", "CVE-2018-4289", "CVE-2018-4268", "CVE-2018-4293"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310813635", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813635", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple MacOSX Security Updates(HT208937)-02\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813635\");\n script_version(\"2019-07-05T09:12:25+0000\");\n script_cve_id(\"CVE-2018-4277\", \"CVE-2018-4289\", \"CVE-2018-4248\", \"CVE-2018-4283\",\n \"CVE-2018-4293\", \"CVE-2018-4268\", \"CVE-2018-4285\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:12:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-07-10 10:54:05 +0530 (Tue, 10 Jul 2018)\");\n script_name(\"Apple MacOSX Security Updates(HT208937)-02\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Mac OS X\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - A spoofing issue existed in the handling of URLs.\n\n - A vulnerable code which leads to information disclosure.\n\n - An out-of-bounds read issue due to improper input validation.\n\n - A cookie management issue.\n\n - A memory corruption issue due to poor memory handling.\n\n - A type confusion issue due to poor memory handling.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to conduct address bar spoofing, obtain sensitive information,\n execute arbitrary code, escalate privileges and cause denial of service condition.\");\n\n script_tag(name:\"affected\", value:\"Apple Mac OS X versions 10.13.x through 10.13.5.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Mac OS X 10.13.6 or\n later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT208937\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.13\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer || osVer !~ \"^10\\.13\" || \"Mac OS X\" >!< osName){\n exit(0);\n}\n\nif(version_is_less(version:osVer, test_version:\"10.13.6\"))\n{\n report = report_fixed_ver(installed_version:osVer, fixed_version:\"10.13.6\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-17T14:04:17", "description": "This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-07-10T00:00:00", "type": "openvas", "title": "Apple iTunes Security Updates(HT208933)-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-4270", "CVE-2018-4266", "CVE-2018-4272", "CVE-2018-4264", "CVE-2018-4261", "CVE-2018-4267", "CVE-2018-4273", "CVE-2018-4271", "CVE-2018-4278", "CVE-2018-4263", "CVE-2018-4284", "CVE-2018-4293", "CVE-2018-4265", "CVE-2018-4262"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310813558", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813558", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple iTunes Security Updates(HT208933)-Windows\n#\n# Authors:\n# Rajat Mishra <rajatm@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:itunes\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813558\");\n script_version(\"2019-07-05T08:56:43+0000\");\n script_cve_id(\"CVE-2018-4293\", \"CVE-2018-4270\", \"CVE-2018-4278\", \"CVE-2018-4284\",\n \"CVE-2018-4266\", \"CVE-2018-4261\", \"CVE-2018-4262\", \"CVE-2018-4263\",\n \"CVE-2018-4264\", \"CVE-2018-4265\", \"CVE-2018-4267\", \"CVE-2018-4272\",\n \"CVE-2018-4271\", \"CVE-2018-4273\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:56:43 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-07-10 13:34:53 +0530 (Tue, 10 Jul 2018)\");\n script_name(\"Apple iTunes Security Updates(HT208933)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iTunes\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exists due to,\n\n - A cookie management issue in improved checks.\n\n - A memory corruption issue in memory handling.\n\n - Sound fetched through audio elements exfiltrated cross-origin.\n\n - A type confusion issue in memory handling.\n\n - A race condition in validation.\n\n - Multiple memory corruption issues in memory handling.\n\n - Multiple memory corruption issues in input validation.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to crash Safari, exfiltrate audio data cross-origin, execute arbitrary code and\n cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"Apple iTunes versions before 12.8 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iTunes 12.8 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT208933\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_apple_itunes_detection_win_900123.nasl\");\n script_mandatory_keys(\"iTunes/Win/Ver\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nituneVer = infos['version'];\nitunePath = infos['location'];\n\n#after installation in registry version 12.8 = 12.8.0.150\nif(version_is_less(version:ituneVer, test_version:\"12.8.0.150\"))\n{\n report = report_fixed_ver(installed_version:ituneVer, fixed_version:\"12.8\", install_path:itunePath);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-17T14:04:25", "description": "This host is installed with Apple iCloud\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2018-07-10T00:00:00", "type": "openvas", "title": "Apple iCloud Security Updates(HT208932)-Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-4270", "CVE-2018-4266", "CVE-2018-4272", "CVE-2018-4264", "CVE-2018-4261", "CVE-2018-4267", "CVE-2018-4273", "CVE-2018-4271", "CVE-2018-4278", "CVE-2018-4263", "CVE-2018-4284", "CVE-2018-4293", "CVE-2018-4265", "CVE-2018-4262"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310813559", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310813559", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Apple iCloud Security Updates(HT208932)-Windows\n#\n# Authors:\n# Rajat Mishra <rajatm@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:apple:icloud\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.813559\");\n script_version(\"2019-07-05T08:56:43+0000\");\n script_cve_id(\"CVE-2018-4293\", \"CVE-2018-4270\", \"CVE-2018-4284\", \"CVE-2018-4278\",\n \"CVE-2018-4266\", \"CVE-2018-4261\", \"CVE-2018-4262\", \"CVE-2018-4263\",\n \"CVE-2018-4264\", \"CVE-2018-4265\", \"CVE-2018-4267\", \"CVE-2018-4272\",\n \"CVE-2018-4271\", \"CVE-2018-4273\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 08:56:43 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-07-10 13:35:57 +0530 (Tue, 10 Jul 2018)\");\n script_name(\"Apple iCloud Security Updates(HT208932)-Windows\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple iCloud\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The multiple flaws exists due to,\n\n - A cookie management issue in improved checks.\n\n - A memory corruption issue in memory handling.\n\n - Sound fetched through audio elements exfiltrated cross-origin.\n\n - A type confusion issue in memory handling.\n\n - A race condition in validation.\n\n - Multiple memory corruption issues in memory handling.\n\n - Multiple memory corruption issues in input validation.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attackers\n to crash Safari, exfiltrate audio data cross-origin, execute arbitrary code and\n cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"Apple iCloud versions before 7.6 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple iCloud 7.6 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT208932\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_apple_icloud_detect_win.nasl\");\n script_mandatory_keys(\"apple/icloud/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE )) exit(0);\nicVer = infos['version'];\nicPath = infos['location'];\n\n#version in registry after installation of 7.6 = 7.6.0.15\nif(version_is_less(version:icVer, test_version:\"7.6.0.15\"))\n{\n report = report_fixed_ver(installed_version:icVer, fixed_version:\"7.6\", install_path:icPath);\n security_message(data:report);\n exit(0);\n}\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-08-19T12:30:45", "description": "The version of Apple iTunes installed on the remote Windows host is prior to 12.8. It is, therefore, affected by multiple vulnerabilities in WebKit as referenced in the HT208933 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-10-02T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.8 Multiple Vulnerabilities (uncredentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-4261", "CVE-2018-4262", "CVE-2018-4263", "CVE-2018-4264", "CVE-2018-4265", "CVE-2018-4266", "CVE-2018-4267", "CVE-2018-4270", "CVE-2018-4271", "CVE-2018-4272", "CVE-2018-4273", "CVE-2018-4278", "CVE-2018-4284", "CVE-2018-4293"], "modified": "2019-11-01T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_8_BANNER.NASL", "href": "https://www.tenable.com/plugins/nessus/117878", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117878);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/11/01\");\n\n script_cve_id(\n \"CVE-2018-4261\",\n \"CVE-2018-4262\",\n \"CVE-2018-4263\",\n \"CVE-2018-4264\",\n \"CVE-2018-4265\",\n \"CVE-2018-4266\",\n \"CVE-2018-4267\",\n \"CVE-2018-4270\",\n \"CVE-2018-4271\",\n \"CVE-2018-4272\",\n \"CVE-2018-4273\",\n \"CVE-2018-4278\",\n \"CVE-2018-4284\",\n \"CVE-2018-4293\"\n );\n script_bugtraq_id(\n 104844,\n 542127,\n 542130,\n 542207\n );\n\n script_name(english:\"Apple iTunes < 12.8 Multiple Vulnerabilities (uncredentialed check)\");\n script_summary(english:\"Checks the version of iTunes on Windows.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote Windows host is\nprior to 12.8. It is, therefore, affected by multiple vulnerabilities\nin WebKit as referenced in the HT208933 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-ie/HT208933\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.8 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-4284\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Peer-To-Peer File Sharing\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_sharing.nasl\");\n script_require_keys(\"iTunes/sharing\");\n script_require_ports(\"Services/www\", 3689);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\nport = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);\n\nget_kb_item_or_exit(\"iTunes/\" + port + \"/enabled\");\n\ntype = get_kb_item_or_exit(\"iTunes/\" + port + \"/type\");\nsource = get_kb_item_or_exit(\"iTunes/\" + port + \"/source\");\nversion = get_kb_item_or_exit(\"iTunes/\" + port + \"/version\");\n\nif (type != 'Windows') audit(AUDIT_OS_NOT, \"Windows\");\n\nfixed_version = \"12.8\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) < 0)\n{\n report = '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_report_v4(port:port, extra:report, severity:SECURITY_WARNING);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"iTunes\", port, version);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:31:46", "description": "The version of Apple iTunes installed on the remote Windows host is prior to 12.8. It is, therefore, affected by multiple vulnerabilities as referenced in the HT208933 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-07-16T00:00:00", "type": "nessus", "title": "Apple iTunes < 12.8 Multiple Vulnerabilities (credentialed check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-4261", "CVE-2018-4262", "CVE-2018-4263", "CVE-2018-4264", "CVE-2018-4265", "CVE-2018-4266", "CVE-2018-4267", "CVE-2018-4270", "CVE-2018-4271", "CVE-2018-4272", "CVE-2018-4273", "CVE-2018-4278", "CVE-2018-4284", "CVE-2018-4293"], "modified": "2019-11-04T00:00:00", "cpe": ["cpe:/a:apple:itunes"], "id": "ITUNES_12_8.NASL", "href": "https://www.tenable.com/plugins/nessus/111105", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111105);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/11/04\");\n\n script_cve_id(\n \"CVE-2018-4261\",\n \"CVE-2018-4262\",\n \"CVE-2018-4263\",\n \"CVE-2018-4264\",\n \"CVE-2018-4265\",\n \"CVE-2018-4266\",\n \"CVE-2018-4267\",\n \"CVE-2018-4270\",\n \"CVE-2018-4271\",\n \"CVE-2018-4272\",\n \"CVE-2018-4273\",\n \"CVE-2018-4278\",\n \"CVE-2018-4284\",\n \"CVE-2018-4293\"\n );\n script_bugtraq_id(\n 104844,\n 542127,\n 542130,\n 542207\n );\n\n script_name(english:\"Apple iTunes < 12.8 Multiple Vulnerabilities (credentialed check)\");\n script_summary(english:\"Checks the version of iTunes on Windows.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Apple iTunes installed on the remote Windows host is\nprior to 12.8. It is, therefore, affected by multiple vulnerabilities \nas referenced in the HT208933 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-ie/HT208933\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple iTunes version 12.8 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-4284\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:itunes\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"itunes_detect.nasl\");\n script_require_keys(\"installed_sw/iTunes Version\", \"SMB/Registry/Enumerated\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\n# Ensure this is Windows\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\n\napp_info = vcf::get_app_info(app:\"iTunes Version\", win_local:TRUE);\n\nconstraints = [{\"fixed_version\" : \"12.8\"}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:31:43", "description": "According to its banner, the version of Apple TV on the remote device is prior to 11.4.1. It is, therefore, affected by multiple vulnerabilities as described in the HT208936 security advisory.\n\nNote that only 4th and 5th generation models are affected by these vulnerabilities.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-07-16T00:00:00", "type": "nessus", "title": "Apple TV < 11.4.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-4248", "CVE-2018-4261", "CVE-2018-4262", "CVE-2018-4263", "CVE-2018-4264", "CVE-2018-4265", "CVE-2018-4266", "CVE-2018-4267", "CVE-2018-4270", "CVE-2018-4271", "CVE-2018-4272", "CVE-2018-4273", "CVE-2018-4277", "CVE-2018-4278", "CVE-2018-4280", "CVE-2018-4282", "CVE-2018-4284", "CVE-2018-4293"], "modified": "2019-11-04T00:00:00", "cpe": ["cpe:/a:apple:apple_tv"], "id": "APPLETV_11_4_1.NASL", "href": "https://www.tenable.com/plugins/nessus/111110", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111110);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/11/04\");\n\n script_cve_id(\n \"CVE-2018-4248\",\n \"CVE-2018-4261\",\n \"CVE-2018-4262\",\n \"CVE-2018-4263\",\n \"CVE-2018-4264\",\n \"CVE-2018-4265\",\n \"CVE-2018-4266\",\n \"CVE-2018-4267\",\n \"CVE-2018-4270\",\n \"CVE-2018-4271\",\n \"CVE-2018-4272\",\n \"CVE-2018-4273\",\n \"CVE-2018-4277\",\n \"CVE-2018-4278\",\n \"CVE-2018-4280\",\n \"CVE-2018-4282\",\n \"CVE-2018-4284\",\n \"CVE-2018-4293\"\n );\n script_bugtraq_id(\n 103957,\n 103958,\n 103961,\n 104378\n );\n\n script_name(english:\"Apple TV < 11.4.1 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the build number.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apple TV device is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of Apple TV on the remote device\nis prior to 11.4.1. It is, therefore, affected by multiple\nvulnerabilities as described in the HT208936 security advisory.\n\nNote that only 4th and 5th generation models are affected by these\nvulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT208936\");\n # https://lists.apple.com/archives/security-announce/2018/Jul/msg00003.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cf6d645c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apple TV version 11.4.1 or later. Note that this update is\nonly available for 4th and 5th generation models.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-4284\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apple:apple_tv\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"appletv_version.nasl\");\n script_require_keys(\"AppleTV/Version\", \"AppleTV/Model\", \"AppleTV/URL\", \"AppleTV/Port\");\n script_require_ports(\"Services/www\", 7000);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"appletv_func.inc\");\n\nurl = get_kb_item('AppleTV/URL');\nif (empty_or_null(url)) exit(0, 'Cannot determine Apple TV URL.');\nport = get_kb_item('AppleTV/Port');\nif (empty_or_null(port)) exit(0, 'Cannot determine Apple TV port.');\n\nbuild = get_kb_item('AppleTV/Version');\nif (empty_or_null(build)) audit(AUDIT_UNKNOWN_DEVICE_VER, 'Apple TV');\n\nmodel = get_kb_item('AppleTV/Model');\nif (empty_or_null(model)) exit(0, 'Cannot determine Apple TV model.');\n\n# https://en.wikipedia.org/wiki/TvOS\n# 4th gen model \"5,3\" and 5th gen model \"6,2\" share same build\nfixed_build = \"15M73\";\ntvos_ver = '11';\n\n# determine gen from the model\ngen = APPLETV_MODEL_GEN[model];\n\nappletv_check_version(\n build : build,\n fix : fixed_build,\n affected_gen : make_list(4, 5),\n fix_tvos_ver : tvos_ver,\n model : model,\n gen : gen,\n port : port,\n url : url,\n severity : SECURITY_WARNING\n);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:27:08", "description": "The version of Apple iOS running on the mobile device is prior to 11.4.1. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-17T00:00:00", "type": "nessus", "title": "Apple iOS < 11.4.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-4261", "CVE-2018-4262", "CVE-2018-4263", "CVE-2018-4264", "CVE-2018-4265", "CVE-2018-4266", "CVE-2018-4267", "CVE-2018-4270", "CVE-2018-4271", "CVE-2018-4272", "CVE-2018-4273", "CVE-2018-4278", "CVE-2018-4284", "CVE-2018-4275", "CVE-2018-4280", "CVE-2018-4260", "CVE-2018-4274", "CVE-2018-4282", "CVE-2018-4248", "CVE-2018-4290", "CVE-2018-4293", "CVE-2018-4277"], "modified": "2019-04-17T00:00:00", "cpe": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "id": "700551.PRM", "href": "https://www.tenable.com/plugins/nnm/700551", "sourceData": "Binary data 700551.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-22T14:41:14", "description": "The version of Apple iOS running on the mobile device is prior to 11.4.1. It is, therefore, affected by multiple vulnerabilities.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-07-20T00:00:00", "type": "nessus", "title": "Apple iOS < 11.4.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-4216", "CVE-2018-4248", "CVE-2018-4260", "CVE-2018-4261", "CVE-2018-4262", "CVE-2018-4263", "CVE-2018-4264", "CVE-2018-4265", "CVE-2018-4266", "CVE-2018-4267", "CVE-2018-4270", "CVE-2018-4271", "CVE-2018-4272", "CVE-2018-4273", "CVE-2018-4274", "CVE-2018-4275", "CVE-2018-4277", "CVE-2018-4278", "CVE-2018-4280", "CVE-2018-4282", "CVE-2018-4284", "CVE-2018-4290", "CVE-2018-4293", "CVE-2018-4327"], "modified": "2022-06-21T00:00:00", "cpe": ["cpe:/o:apple:iphone_os"], "id": "APPLE_IOS_1141_CHECK.NBIN", "href": "https://www.tenable.com/plugins/nessus/111218", "sourceData": "Binary data apple_ios_1141_check.nbin", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:31:44", "description": "The remote host is running Mac OS X 10.11.6 or Mac OS X 10.12.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-07-17T00:00:00", "type": "nessus", "title": "macOS and Mac OS X Multiple Vulnerabilities (Security Update 2018-004)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-0898", "CVE-2017-10784", "CVE-2017-14033", "CVE-2017-14064", "CVE-2017-17405", "CVE-2017-17742", "CVE-2018-3665", "CVE-2018-4178", "CVE-2018-4248", "CVE-2018-4259", "CVE-2018-4268", "CVE-2018-4269", "CVE-2018-4276", "CVE-2018-4277", "CVE-2018-4280", "CVE-2018-4283", "CVE-2018-4285", "CVE-2018-4286", "CVE-2018-4287", "CVE-2018-4288", "CVE-2018-4289", "CVE-2018-4291", "CVE-2018-4293", "CVE-2018-5383", "CVE-2018-6797", "CVE-2018-6913", "CVE-2018-6914", "CVE-2018-8777", "CVE-2018-8778", "CVE-2018-8779", "CVE-2018-8780"], "modified": "2019-06-19T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOSX_SECUPD2018-004.NASL", "href": "https://www.tenable.com/plugins/nessus/111136", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111136);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/06/19 15:17:43\");\n\n script_cve_id(\n \"CVE-2017-0898\",\n \"CVE-2017-10784\",\n \"CVE-2017-14033\",\n \"CVE-2017-14064\",\n \"CVE-2017-17405\",\n \"CVE-2017-17742\",\n \"CVE-2018-3665\",\n \"CVE-2018-4178\",\n \"CVE-2018-4248\",\n \"CVE-2018-4259\",\n \"CVE-2018-4268\",\n \"CVE-2018-4269\",\n \"CVE-2018-4276\",\n \"CVE-2018-4277\",\n \"CVE-2018-4280\",\n \"CVE-2018-4283\",\n \"CVE-2018-4285\",\n \"CVE-2018-4286\",\n \"CVE-2018-4287\",\n \"CVE-2018-4288\",\n \"CVE-2018-4289\",\n \"CVE-2018-4291\",\n \"CVE-2018-4293\",\n \"CVE-2018-5383\",\n \"CVE-2018-6797\",\n \"CVE-2018-6913\",\n \"CVE-2018-6914\",\n \"CVE-2018-8777\",\n \"CVE-2018-8778\",\n \"CVE-2018-8779\",\n \"CVE-2018-8780\"\n );\nscript_bugtraq_id(\n 100853,\n 100862,\n 100868,\n 100890,\n 102204,\n 103683,\n 103684,\n 103686,\n 103693,\n 103739,\n 103767,\n 103953,\n 104460,\n 104844,\n 104879\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2018-7-9-4\");\n\n script_name(english:\"macOS and Mac OS X Multiple Vulnerabilities (Security Update 2018-004)\");\n script_summary(english:\"Checks for the presence of Security Update 2018-004.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS or Mac OS X security update that\nfixes multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running Mac OS X 10.11.6 or Mac OS X 10.12.6 and is\nmissing a security update. It is therefore, affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT208937\");\n # https://lists.apple.com/archives/security-announce/2018/Jul/msg00005.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?981755ca\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install Security Update 2018-004 or later for 10.11.x or\nSecurity Update 2018-004 or later for 10.12.x.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-4268\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"lists.inc\");\n\npatch = \"2018-004\";\napplicable_macos_versions = ['10.11.6', '10.12.6'];\n\n# Compare 2 patch numbers to determine if patch requirements are satisfied.\n# Return true if this patch or a later patch is applied\n# Return false otherwise\nfunction check_patch(year, number)\n{\n local_var p_split = split(patch, sep:\"-\");\n local_var p_year = int( p_split[0]);\n local_var p_num = int( p_split[1]);\n\n if (year > p_year) return TRUE;\n else if (year < p_year) return FALSE;\n else if (number >= p_num) return TRUE;\n else return FALSE;\n}\n\nget_kb_item_or_exit(\"Host/local_checks_enabled\");\nos = get_kb_item_or_exit(\"Host/MacOSX/Version\");\n\nmatches = pregmatch(pattern:\"Mac OS X ([0-9]+(\\.[0-9]+)+)\", string:os);\nif (empty_or_null(matches)) exit(1, \"Failed to parse the macOS / Mac OS X version ('\" + os + \"').\");\nversion = matches[1];\nif (!collib::contains(item:version, list:applicable_macos_versions)) audit(AUDIT_OS_SP_NOT_VULN);\n\npackages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\nsec_boms_report = pgrep(\n pattern:\"^com\\.apple\\.pkg\\.update\\.(security\\.|os\\.SecUpd).*bom$\",\n string:packages\n);\nsec_boms = split(sec_boms_report, sep:'\\n');\n\nforeach package (sec_boms)\n{\n # Grab patch year and number\n matches = pregmatch(pattern:\"[^0-9](20[0-9][0-9])[-.]([0-9]{3})[^0-9]\", string:package);\n if (empty_or_null(matches)) continue;\n if (empty_or_null(matches[1]) || empty_or_null(matches[2]))\n continue;\n\n patch_found = check_patch(year:int(matches[1]), number:int(matches[2]));\n if (patch_found) exit(0, \"The host has Security Update \" + patch + \" or later installed and is therefore not affected.\");\n}\n\nreport = '\\n Missing security update : ' + patch;\nreport += '\\n Installed security BOMs : ';\nif (sec_boms_report) report += str_replace(find:'\\n', replace:'\\n ', string:sec_boms_report);\nelse report += 'n/a';\nreport += '\\n';\n\nsecurity_report_v4(port:0, severity:SECURITY_HOLE, extra:report);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:27:08", "description": "The remote host is running a version of macOS that is 10.13.x prior to 10.13.6. It is, therefore, affected by multiple vulnerabilities in the following components:\n\n - Accounts\n - AMD\n - APFS\n - ATS\n - Bluetooth\n - CFNetwork\n - CoreCrypto\n - CUPS\n - DesktopServices\n - Intel Graphics Driver\n - IOGraphics\n - Kernel\n - libxpc\n - LinkPresentation\n - Perl\n - Ruby\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-10T00:00:00", "type": "nessus", "title": "macOS 10.13.x < 10.13.6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6797", "CVE-2018-6913", "CVE-2018-3665", "CVE-2017-17742", "CVE-2018-6914", "CVE-2018-8777", "CVE-2018-8778", "CVE-2018-8779", "CVE-2018-8780", "CVE-2018-5383", "CVE-2017-0898", "CVE-2017-10784", "CVE-2017-14033", "CVE-2017-14064", "CVE-2017-17405", "CVE-2018-4269", "CVE-2018-4259", "CVE-2018-4268", "CVE-2018-4280", "CVE-2018-4285", "CVE-2018-4286", "CVE-2018-4291", "CVE-2018-4287", "CVE-2018-4288", "CVE-2018-4276", "CVE-2018-4248", "CVE-2018-4289", "CVE-2018-4283", "CVE-2018-4178", "CVE-2018-4293", "CVE-2018-4277"], "modified": "2019-04-10T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "700517.PRM", "href": "https://www.tenable.com/plugins/nnm/700517", "sourceData": "Binary data 700517.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:31:39", "description": "The remote host is running a version of macOS / Mac OS X that is 10.13.x prior to 10.13.6. It is, therefore, affected by multiple vulnerabilities.\n\nNote that successful exploitation of the most serious issues can result in arbitrary code execution.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-07-17T00:00:00", "type": "nessus", "title": "macOS 10.13.x < 10.13.6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-0898", "CVE-2017-10784", "CVE-2017-14033", "CVE-2017-14064", "CVE-2017-17405", "CVE-2017-17742", "CVE-2018-3665", "CVE-2018-4178", "CVE-2018-4248", "CVE-2018-4259", "CVE-2018-4268", "CVE-2018-4269", "CVE-2018-4276", "CVE-2018-4277", "CVE-2018-4280", "CVE-2018-4283", "CVE-2018-4285", "CVE-2018-4286", "CVE-2018-4287", "CVE-2018-4288", "CVE-2018-4289", "CVE-2018-4291", "CVE-2018-4293", "CVE-2018-4456", "CVE-2018-4470", "CVE-2018-5383", "CVE-2018-6797", "CVE-2018-6913", "CVE-2018-6914", "CVE-2018-8777", "CVE-2018-8778", "CVE-2018-8779", "CVE-2018-8780"], "modified": "2019-06-19T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_10_13_6.NASL", "href": "https://www.tenable.com/plugins/nessus/111137", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111137);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/06/19 15:17:43\");\n\n script_cve_id(\n \"CVE-2017-0898\",\n \"CVE-2017-10784\",\n \"CVE-2017-14033\",\n \"CVE-2017-14064\",\n \"CVE-2017-17405\",\n \"CVE-2017-17742\",\n \"CVE-2018-3665\",\n \"CVE-2018-4178\",\n \"CVE-2018-4248\",\n \"CVE-2018-4259\",\n \"CVE-2018-4268\",\n \"CVE-2018-4269\",\n \"CVE-2018-4276\",\n \"CVE-2018-4277\",\n \"CVE-2018-4280\",\n \"CVE-2018-4283\",\n \"CVE-2018-4285\",\n \"CVE-2018-4286\",\n \"CVE-2018-4287\",\n \"CVE-2018-4288\",\n \"CVE-2018-4289\",\n \"CVE-2018-4291\",\n \"CVE-2018-4293\",\n \"CVE-2018-4456\",\n \"CVE-2018-4470\",\n \"CVE-2018-5383\",\n \"CVE-2018-6797\",\n \"CVE-2018-6913\",\n \"CVE-2018-6914\",\n \"CVE-2018-8777\",\n \"CVE-2018-8778\",\n \"CVE-2018-8779\",\n \"CVE-2018-8780\"\n );\n script_bugtraq_id(\n 100853,\n 100862,\n 100868,\n 100890,\n 102204,\n 103683,\n 103684,\n 103686,\n 103693,\n 103739,\n 103767,\n 103953,\n 104460,\n 104844,\n 106779\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2018-7-9-4\");\n\n script_name(english:\"macOS 10.13.x < 10.13.6 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the version of Mac OS X / macOS.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS update that fixes multiple security\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of macOS / Mac OS X that is\n10.13.x prior to 10.13.6. It is, therefore, affected by multiple\nvulnerabilities.\n\nNote that successful exploitation of the most serious issues can\nresult in arbitrary code execution.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT208937\");\n # https://lists.apple.com/archives/security-announce/2018/Jul/msg00005.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?981755ca\");\n # https://lists.apple.com/archives/security-announce/2018/Jul/msg00008.html \n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9f04312a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to macOS version 10.13.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-4259\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/OS\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item_or_exit(\"Host/OS\");\n if (\"Mac OS X\" >!< os) audit(AUDIT_OS_NOT, \"macOS / Mac OS X\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) audit(AUDIT_OS_NOT, \"macOS / Mac OS X\");\n\nmatches = pregmatch(pattern:\"Mac OS X ([0-9]+(\\.[0-9]+)+)\", string:os);\nif (empty_or_null(matches)) exit(1, \"Failed to parse the macOS / Mac OS X version ('\" + os + \"').\");\n\nversion = matches[1];\nfix = \"10.13.6\";\n\nif (version !~\"^10\\.13($|[^0-9])\")\n audit(AUDIT_OS_NOT, \"macOS 10.13.x\");\n\nif (ver_compare(ver:version, fix:fix, strict:FALSE) == -1)\n{\n security_report_v4(\n port:0,\n severity:SECURITY_HOLE,\n extra:\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n'\n );\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"macOS / Mac OS X\", version);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2021-08-18T11:12:48", "description": "### *Detect date*:\n07/09/2018\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, execute arbitrary code and bypass security restrictions.\n\n### *Affected products*:\nApple iTunes earlier than 12.8\n\n### *Solution*:\nUpdate to the latest version \n[Download iTunes](<https://www.apple.com/itunes/download/>)\n\n### *Original advisories*:\n[About the security content of iTunes 12.8 for Windows](<https://support.apple.com/en-us/HT208933>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Apple iTunes](<https://threats.kaspersky.com/en/product/Apple-iTunes/>)\n\n### *CVE-IDS*:\n[CVE-2018-4293](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4293>)5.0Critical \n[CVE-2018-4270](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4270>)4.3Warning \n[CVE-2018-4278](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4278>)4.3Warning \n[CVE-2018-4284](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4284>)6.8High \n[CVE-2018-4266](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4266>)4.3Warning \n[CVE-2018-4261](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4261>)6.8High \n[CVE-2018-4262](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4262>)6.8High \n[CVE-2018-4263](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4263>)6.8High \n[CVE-2018-4264](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4264>)6.8High \n[CVE-2018-4265](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4265>)6.8High \n[CVE-2018-4267](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4267>)6.8High \n[CVE-2018-4272](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4272>)6.8High \n[CVE-2018-4271](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4271>)4.3Warning \n[CVE-2018-4273](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4273>)4.3Warning", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-07-09T00:00:00", "type": "kaspersky", "title": "KLA11292 Multiple vulnerabilities in Apple iTunes", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-4261", "CVE-2018-4262", "CVE-2018-4263", "CVE-2018-4264", "CVE-2018-4265", "CVE-2018-4266", "CVE-2018-4267", "CVE-2018-4270", "CVE-2018-4271", "CVE-2018-4272", "CVE-2018-4273", "CVE-2018-4278", "CVE-2018-4284", "CVE-2018-4293"], "modified": "2020-06-03T00:00:00", "id": "KLA11292", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11292/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "apple": [{"lastseen": "2020-12-24T20:42:50", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iCloud for Windows 7.6\n\nReleased July 9, 2018\n\n**CFNetwork**\n\nAvailable for: Windows 7 and later\n\nImpact: Cookies may unexpectedly persist in Safari\n\nDescription: A cookie management issue was addressed with improved checks.\n\nCVE-2018-4293: an anonymous researcher\n\n**CoreCrypto**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2018-4269: Abraham Masri (@cheesecakeufo)\n\nEntry added October 24, 2018\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4270: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2018-4284: found by OSS-Fuzz\n\nEntry updated October 24, 2018\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious website may exfiltrate audio data cross-origin\n\nDescription: Sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.\n\nCVE-2018-4278: Jun Kokatsu (@shhnjk)\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious website may be able to cause a denial of service\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2018-4266: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2018-4261: Omair working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4262: Mateusz Krzywicki working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4263: Arayz working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4264: found by OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2018-4265: cc working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4267: Arayz of Pangu team working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4272: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-4271: found by OSS-Fuzz\n\nCVE-2018-4273: found by OSS-Fuzz\n", "edition": 3, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-10-24T04:48:23", "title": "About the security content of iCloud for Windows 7.6 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-4270", "CVE-2018-4266", "CVE-2018-4272", "CVE-2018-4264", "CVE-2018-4261", "CVE-2018-4267", "CVE-2018-4273", "CVE-2018-4269", "CVE-2018-4271", "CVE-2018-4278", "CVE-2018-4263", "CVE-2018-4284", "CVE-2018-4293", "CVE-2018-4265", "CVE-2018-4262"], "modified": "2018-10-24T04:48:23", "id": "APPLE:HT208932", "href": "https://support.apple.com/kb/HT208932", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-10T17:00:22", "description": "# About the security content of watchOS 4.3.2\n\nThis document describes the security content of watchOS 4.3.2.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## watchOS 4.3.2\n\nReleased July 9, 2018\n\n**CFNetwork**\n\nAvailable for: All Apple Watch models\n\nImpact: Cookies may unexpectedly persist in Safari\n\nDescription: A cookie management issue was addressed with improved checks.\n\nCVE-2018-4293: an anonymous researcher\n\n**CoreCrypto**\n\nAvailable for: All Apple Watch models\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2018-4269: Abraham Masri (@cheesecakeufo)\n\nEntry added October 2, 2018\n\n**Emoji**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing an emoji under certain configurations may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved memory handling.\n\nCVE-2018-4290: Patrick Wardle of Digita Security\n\n**Kernel**\n\nAvailable for: All Apple Watch models\n\nImpact: A local user may be able to read kernel memory\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2018-4282: Adam Donenfeld (@doadam) of the Zimperium zLabs Team, Proteas of Qihoo 360 Nirvan Team, Valentin \"slashd\" Shilnenkov\n\nEntry updated November 16, 2018\n\n**libxpc**\n\nAvailable for: All Apple Watch models\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4280: Brandon Azad\n\n**libxpc**\n\nAvailable for: All Apple Watch models\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2018-4248: Brandon Azad\n\n**LinkPresentation**\n\nAvailable for: All Apple Watch models\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.\n\nCVE-2018-4277: xisigr of Tencent's Xuanwu Lab (tencent.com)\n\n**WebKit**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4270: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2018-4284: found by OSS-Fuzz\n\nEntry updated October 2, 2018\n\n**WebKit**\n\nAvailable for: All Apple Watch models\n\nImpact: A malicious website may be able to cause a denial of service\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2018-4266: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2018-4262: Mateusz Krzywicki working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4264: found by OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2018-4272: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-4271: found by OSS-Fuzz\n\nCVE-2018-4273: found by OSS-Fuzz\n\n\n\n## Additional recognition\n\n**Kernel**\n\nWe would like to acknowledge juwei lin (@panicaII) of Trend Micro working with Trend Micro\u2019s Zero Day Initiative for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: November 17, 2018\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-07-09T00:00:00", "type": "apple", "title": "About the security content of watchOS 4.3.2", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-4248", "CVE-2018-4262", "CVE-2018-4264", "CVE-2018-4266", "CVE-2018-4269", "CVE-2018-4270", "CVE-2018-4271", "CVE-2018-4272", "CVE-2018-4273", "CVE-2018-4277", "CVE-2018-4280", "CVE-2018-4282", "CVE-2018-4284", "CVE-2018-4290", "CVE-2018-4293"], "modified": "2018-07-09T00:00:00", "id": "APPLE:F907B2739AEB3011F5D0E50C8CB626CC", "href": "https://support.apple.com/kb/HT208935", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:43:30", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iTunes 12.8 for Windows\n\nReleased July 9, 2018\n\n**CFNetwork**\n\nAvailable for: Windows 7 and later\n\nImpact: Cookies may unexpectedly persist in Safari\n\nDescription: A cookie management issue was addressed with improved checks.\n\nCVE-2018-4293: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4270: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious website may exfiltrate audio data cross-origin\n\nDescription: Sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.\n\nCVE-2018-4278: Jun Kokatsu (@shhnjk)\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2018-4284: found by OSS-Fuzz\n\nEntry updated August 1, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious website may be able to cause a denial of service\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2018-4266: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2018-4261: Omair working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4262: Mateusz Krzywicki working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4263: Arayz working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4264: found by OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2018-4265: cc working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4267: Arayz of Pangu team working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4272: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-4271: found by OSS-Fuzz\n\nCVE-2018-4273: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2018-4145: found by OSS-Fuzz\n\nEntry added October 18, 2018\n", "edition": 3, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-01T04:33:04", "title": "About the security content of iTunes 12.8 for Windows - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-4270", "CVE-2018-4266", "CVE-2018-4272", "CVE-2018-4264", "CVE-2018-4261", "CVE-2018-4145", "CVE-2018-4267", "CVE-2018-4273", "CVE-2018-4271", "CVE-2018-4278", "CVE-2018-4263", "CVE-2018-4284", "CVE-2018-4293", "CVE-2018-4265", "CVE-2018-4262"], "modified": "2019-08-01T04:33:04", "id": "APPLE:HT208933", "href": "https://support.apple.com/kb/HT208933", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:44:36", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## watchOS 4.3.2\n\nReleased July 9, 2018\n\n**CFNetwork**\n\nAvailable for: All Apple Watch models\n\nImpact: Cookies may unexpectedly persist in Safari\n\nDescription: A cookie management issue was addressed with improved checks.\n\nCVE-2018-4293: an anonymous researcher\n\n**CoreCrypto**\n\nAvailable for: All Apple Watch models\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2018-4269: Abraham Masri (@cheesecakeufo)\n\nEntry added October 2, 2018\n\n**Emoji**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing an emoji under certain configurations may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved memory handling.\n\nCVE-2018-4290: Patrick Wardle of Digita Security\n\n**Kernel**\n\nAvailable for: All Apple Watch models\n\nImpact: A local user may be able to read kernel memory\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2018-4282: Adam Donenfeld (@doadam) of the Zimperium zLabs Team, Proteas of Qihoo 360 Nirvan Team, Valentin \"slashd\" Shilnenkov\n\nEntry updated November 16, 2018\n\n**libxpc**\n\nAvailable for: All Apple Watch models\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4280: Brandon Azad\n\n**libxpc**\n\nAvailable for: All Apple Watch models\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2018-4248: Brandon Azad\n\n**LinkPresentation**\n\nAvailable for: All Apple Watch models\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.\n\nCVE-2018-4277: xisigr of Tencent's Xuanwu Lab (tencent.com)\n\n**WebKit**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4270: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2018-4284: found by OSS-Fuzz\n\nEntry updated October 2, 2018\n\n**WebKit**\n\nAvailable for: All Apple Watch models\n\nImpact: A malicious website may be able to cause a denial of service\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2018-4266: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2018-4262: Mateusz Krzywicki working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4264: found by OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2018-4272: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: All Apple Watch models\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-4271: found by OSS-Fuzz\n\nCVE-2018-4273: found by OSS-Fuzz\n\n\n\n## Additional recognition\n\n**Kernel**\n\nWe would like to acknowledge juwei lin (@panicaII) of Trend Micro working with Trend Micro\u2019s Zero Day Initiative for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-11-17T01:10:04", "title": "About the security content of watchOS 4.3.2 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-4282", "CVE-2018-4270", "CVE-2018-4266", "CVE-2018-4272", "CVE-2018-4264", "CVE-2018-4277", "CVE-2018-4290", "CVE-2018-4273", "CVE-2018-4248", "CVE-2018-4269", "CVE-2018-4271", "CVE-2018-4284", "CVE-2018-4293", "CVE-2018-4280", "CVE-2018-4262"], "modified": "2018-11-17T01:10:04", "id": "APPLE:HT208935", "href": "https://support.apple.com/kb/HT208935", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-10T17:00:21", "description": "# About the security content of iTunes 12.8 for Windows\n\nThis document describes the security content of iTunes 12.8 for Windows.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iTunes 12.8 for Windows\n\nReleased July 9, 2018\n\n**CFNetwork**\n\nAvailable for: Windows 7 and later\n\nImpact: Cookies may unexpectedly persist in Safari\n\nDescription: A cookie management issue was addressed with improved checks.\n\nCVE-2018-4293: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4270: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious website may exfiltrate audio data cross-origin\n\nDescription: Sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.\n\nCVE-2018-4278: Jun Kokatsu (@shhnjk)\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2018-4284: found by OSS-Fuzz\n\nEntry updated August 1, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious website may be able to cause a denial of service\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2018-4266: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2018-4261: Omair working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4262: Mateusz Krzywicki working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4263: Arayz working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4264: found by OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2018-4265: cc working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4267: Arayz of Pangu team working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4272: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-4271: found by OSS-Fuzz\n\nCVE-2018-4273: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2018-4145: found by OSS-Fuzz\n\nEntry added October 18, 2018\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: August 01, 2019\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-07-09T00:00:00", "type": "apple", "title": "About the security content of iTunes 12.8 for Windows", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-4145", "CVE-2018-4261", "CVE-2018-4262", "CVE-2018-4263", "CVE-2018-4264", "CVE-2018-4265", "CVE-2018-4266", "CVE-2018-4267", "CVE-2018-4270", "CVE-2018-4271", "CVE-2018-4272", "CVE-2018-4273", "CVE-2018-4278", "CVE-2018-4284", "CVE-2018-4293"], "modified": "2018-07-09T00:00:00", "id": "APPLE:80F205F5E8A723A8899FE7CE7D761778", "href": "https://support.apple.com/kb/HT208933", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-10T17:00:22", "description": "# About the security content of iCloud for Windows 7.6\n\nThis document describes the security content of iCloud for Windows 7.6.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iCloud for Windows 7.6\n\nReleased July 9, 2018\n\n**CFNetwork**\n\nAvailable for: Windows 7 and later\n\nImpact: Cookies may unexpectedly persist in Safari\n\nDescription: A cookie management issue was addressed with improved checks.\n\nCVE-2018-4293: an anonymous researcher\n\n**CoreCrypto**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2018-4269: Abraham Masri (@cheesecakeufo)\n\nEntry added October 24, 2018\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4270: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2018-4284: found by OSS-Fuzz\n\nEntry updated October 24, 2018\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious website may exfiltrate audio data cross-origin\n\nDescription: Sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.\n\nCVE-2018-4278: Jun Kokatsu (@shhnjk)\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious website may be able to cause a denial of service\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2018-4266: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2018-4261: Omair working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4262: Mateusz Krzywicki working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4263: Arayz working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4264: found by OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2018-4265: cc working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4267: Arayz of Pangu team working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4272: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-4271: found by OSS-Fuzz\n\nCVE-2018-4273: found by OSS-Fuzz\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: October 24, 2018\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-07-09T00:00:00", "type": "apple", "title": "About the security content of iCloud for Windows 7.6", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-4261", "CVE-2018-4262", "CVE-2018-4263", "CVE-2018-4264", "CVE-2018-4265", "CVE-2018-4266", "CVE-2018-4267", "CVE-2018-4269", "CVE-2018-4270", "CVE-2018-4271", "CVE-2018-4272", "CVE-2018-4273", "CVE-2018-4278", "CVE-2018-4284", "CVE-2018-4293"], "modified": "2018-07-09T00:00:00", "id": "APPLE:D17905765727DBA1F818A539B231771B", "href": "https://support.apple.com/kb/HT208932", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:43:07", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## tvOS 11.4.1\n\nReleased July 9, 2018\n\n**CFNetwork**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Cookies may unexpectedly persist in Safari\n\nDescription: A cookie management issue was addressed with improved checks.\n\nCVE-2018-4293: an anonymous researcher\n\n**CoreCrypto**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2018-4269: Abraham Masri (@cheesecakeufo)\n\nEntry added October 2, 2018\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A local user may be able to read kernel memory\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2018-4282: Adam Donenfeld (@doadam) of the Zimperium zLabs Team, Proteas of Qihoo 360 Nirvan Team, Valentin \"slashd\" Shilnenkov\n\nEntry updated November 16, 2018\n\n**libxpc**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4280: Brandon Azad\n\n**libxpc**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2018-4248: Brandon Azad\n\n**LinkPresentation**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.\n\nCVE-2018-4277: xisigr of Tencent's Xuanwu Lab (tencent.com)\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4270: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious website may exfiltrate audio data cross-origin\n\nDescription: Sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.\n\nCVE-2018-4278: Jun Kokatsu (@shhnjk)\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2018-4284: found by OSS-Fuzz\n\nEntry updated October 2, 2018\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious website may be able to cause a denial of service\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2018-4266: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2018-4261: Omair working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4262: Mateusz Krzywicki working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4263: Arayz working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4264: found by OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2018-4265: cc working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4267: Arayz of Pangu team working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4272: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-4271: found by OSS-Fuzz\n\nCVE-2018-4273: found by OSS-Fuzz\n\n\n\n## Additional recognition\n\n**Kernel**\n\nWe would like to acknowledge juwei lin (@panicaII) of Trend Micro working with Trend Micro\u2019s Zero Day Initiative for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-11-17T01:10:16", "title": "About the security content of tvOS 11.4.1 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-4282", "CVE-2018-4270", "CVE-2018-4266", "CVE-2018-4272", "CVE-2018-4264", "CVE-2018-4261", "CVE-2018-4277", "CVE-2018-4267", "CVE-2018-4273", "CVE-2018-4248", "CVE-2018-4269", "CVE-2018-4271", "CVE-2018-4278", "CVE-2018-4263", "CVE-2018-4284", "CVE-2018-4293", "CVE-2018-4280", "CVE-2018-4265", "CVE-2018-4262"], "modified": "2018-11-17T01:10:16", "id": "APPLE:HT208936", "href": "https://support.apple.com/kb/HT208936", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-10T17:00:24", "description": "# About the security content of tvOS 11.4.1\n\nThis document describes the security content of tvOS 11.4.1.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## tvOS 11.4.1\n\nReleased July 9, 2018\n\n**CFNetwork**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Cookies may unexpectedly persist in Safari\n\nDescription: A cookie management issue was addressed with improved checks.\n\nCVE-2018-4293: an anonymous researcher\n\n**CoreCrypto**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2018-4269: Abraham Masri (@cheesecakeufo)\n\nEntry added October 2, 2018\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A local user may be able to read kernel memory\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2018-4282: Adam Donenfeld (@doadam) of the Zimperium zLabs Team, Proteas of Qihoo 360 Nirvan Team, Valentin \"slashd\" Shilnenkov\n\nEntry updated November 16, 2018\n\n**libxpc**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4280: Brandon Azad\n\n**libxpc**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2018-4248: Brandon Azad\n\n**LinkPresentation**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.\n\nCVE-2018-4277: xisigr of Tencent's Xuanwu Lab (tencent.com)\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4270: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious website may exfiltrate audio data cross-origin\n\nDescription: Sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.\n\nCVE-2018-4278: Jun Kokatsu (@shhnjk)\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2018-4284: found by OSS-Fuzz\n\nEntry updated October 2, 2018\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: A malicious website may be able to cause a denial of service\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2018-4266: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2018-4261: Omair working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4262: Mateusz Krzywicki working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4263: Arayz working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4264: found by OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2018-4265: cc working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4267: Arayz of Pangu team working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4272: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV (4th generation)\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-4271: found by OSS-Fuzz\n\nCVE-2018-4273: found by OSS-Fuzz\n\n\n\n## Additional recognition\n\n**Kernel**\n\nWe would like to acknowledge juwei lin (@panicaII) of Trend Micro working with Trend Micro\u2019s Zero Day Initiative for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: November 17, 2018\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-07-09T00:00:00", "type": "apple", "title": "About the security content of tvOS 11.4.1", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-4248", "CVE-2018-4261", "CVE-2018-4262", "CVE-2018-4263", "CVE-2018-4264", "CVE-2018-4265", "CVE-2018-4266", "CVE-2018-4267", "CVE-2018-4269", "CVE-2018-4270", "CVE-2018-4271", "CVE-2018-4272", "CVE-2018-4273", "CVE-2018-4277", "CVE-2018-4278", "CVE-2018-4280", "CVE-2018-4282", "CVE-2018-4284", "CVE-2018-4293"], "modified": "2018-07-09T00:00:00", "id": "APPLE:F52BBE9E38D36E50FE361A61D2A33D59", "href": "https://support.apple.com/kb/HT208936", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-31T03:30:32", "description": "# About the security content of iOS 11.4.1\n\nThis document describes the security content of iOS 11.4.1.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iOS 11.4.1\n\nReleased July 9, 2018\n\n**CFNetwork**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Cookies may unexpectedly persist in Safari\n\nDescription: A cookie management issue was addressed with improved checks.\n\nCVE-2018-4293: an anonymous researcher\n\n**Core Bluetooth**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4327: Apple\n\nEntry added August 8, 2018\n\n**Emoji**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing an emoji under certain configurations may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved memory handling.\n\nCVE-2018-4290: Patrick Wardle of Digita Security\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A local user may be able to read kernel memory\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2018-4282: Adam Donenfeld (@doadam) of the Zimperium zLabs Team, Proteas of Qihoo 360 Nirvan Team, Valentin \"slashd\" Shilnenkov\n\nEntry updated November 16, 2018\n\n**libxpc**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4280: Brandon Azad\n\n**libxpc**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2018-4248: Brandon Azad\n\n**LinkPresentation**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.\n\nCVE-2018-4277: xisigr of Tencent's Xuanwu Lab (tencent.com)\n\n**Phone**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to bypass the call confirmation prompt\n\nDescription: A logic issue existed in the handling of call URLs. This issue was addressed with improved state management.\n\nCVE-2018-4216: Abraham Masri (@cheesecakeufo)\n\nEntry added October 18, 2018\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious website may exfiltrate audio data cross-origin\n\nDescription: Sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.\n\nCVE-2018-4278: Jun Kokatsu (@shhnjk)\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious website may be able to cause a denial of service\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2018-4266: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.\n\nCVE-2018-4274: an anonymous researcher\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4270: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2018-4284: found by OSS-Fuzz\n\nEntry updated October 18, 2018\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2018-4261: Omair working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4262: Mateusz Krzywicki working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4263: Arayz working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4264: found by OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2018-4265: cc working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4267: Arayz of Pangu team working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4272: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-4271: found by OSS-Fuzz\n\nCVE-2018-4273: found by OSS-Fuzz\n\n**WebKit Page Loading**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: An inconsistent user interface issue was addressed with improved state management.\n\nCVE-2018-4260: xisigr of Tencent's Xuanwu Lab (tencent.com)\n\n**Wi-Fi**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4275: Brandon Azad\n\n\n\n## Additional recognition\n\n**Kernel**\n\nWe would like to acknowledge juwei lin (@panicaII) of Trend Micro working with Trend Micro\u2019s Zero Day Initiative for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: November 17, 2018\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-07-09T00:00:00", "type": "apple", "title": "About the security content of iOS 11.4.1", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-4216", "CVE-2018-4248", "CVE-2018-4260", "CVE-2018-4261", "CVE-2018-4262", "CVE-2018-4263", "CVE-2018-4264", "CVE-2018-4265", "CVE-2018-4266", "CVE-2018-4267", "CVE-2018-4270", "CVE-2018-4271", "CVE-2018-4272", "CVE-2018-4273", "CVE-2018-4274", "CVE-2018-4275", "CVE-2018-4277", "CVE-2018-4278", "CVE-2018-4280", "CVE-2018-4282", "CVE-2018-4284", "CVE-2018-4290", "CVE-2018-4293", "CVE-2018-4327"], "modified": "2018-07-09T00:00:00", "id": "APPLE:8CB247B18F47EA0CF69B5669B06D8473", "href": "https://support.apple.com/kb/HT208938", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:43:42", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## iOS 11.4.1\n\nReleased July 9, 2018\n\n**CFNetwork**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Cookies may unexpectedly persist in Safari\n\nDescription: A cookie management issue was addressed with improved checks.\n\nCVE-2018-4293: an anonymous researcher\n\n**Core Bluetooth**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4327: Apple\n\nEntry added August 8, 2018\n\n**Emoji**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing an emoji under certain configurations may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved memory handling.\n\nCVE-2018-4290: Patrick Wardle of Digita Security\n\n**Kernel**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A local user may be able to read kernel memory\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2018-4282: Adam Donenfeld (@doadam) of the Zimperium zLabs Team, Proteas of Qihoo 360 Nirvan Team, Valentin \"slashd\" Shilnenkov\n\nEntry updated November 16, 2018\n\n**libxpc**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4280: Brandon Azad\n\n**libxpc**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2018-4248: Brandon Azad\n\n**LinkPresentation**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.\n\nCVE-2018-4277: xisigr of Tencent's Xuanwu Lab (tencent.com)\n\n**Phone**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to bypass the call confirmation prompt\n\nDescription: A logic issue existed in the handling of call URLs. This issue was addressed with improved state management.\n\nCVE-2018-4216: Abraham Masri (@cheesecakeufo)\n\nEntry added October 18, 2018\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious website may exfiltrate audio data cross-origin\n\nDescription: Sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.\n\nCVE-2018-4278: Jun Kokatsu (@shhnjk)\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious website may be able to cause a denial of service\n\nDescription: A race condition was addressed with additional validation.\n\nCVE-2018-4266: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.\n\nCVE-2018-4274: an anonymous researcher\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4270: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2018-4284: found by OSS-Fuzz\n\nEntry updated October 18, 2018\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2018-4261: Omair working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4262: Mateusz Krzywicki working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4263: Arayz working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4264: found by OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light-Year Security Lab\n\nCVE-2018-4265: cc working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4267: Arayz of Pangu team working with Trend Micro's Zero Day Initiative\n\nCVE-2018-4272: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2018-4271: found by OSS-Fuzz\n\nCVE-2018-4273: found by OSS-Fuzz\n\n**WebKit Page Loading**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: An inconsistent user interface issue was addressed with improved state management.\n\nCVE-2018-4260: xisigr of Tencent's Xuanwu Lab (tencent.com)\n\n**Wi-Fi**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4275: Brandon Azad\n\n\n\n## Additional recognition\n\n**Kernel**\n\nWe would like to acknowledge juwei lin (@panicaII) of Trend Micro working with Trend Micro\u2019s Zero Day Initiative for their assistance.\n", "edition": 3, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-11-17T12:38:42", "title": "About the security content of iOS 11.4.1 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-4327", "CVE-2018-4275", "CVE-2018-4282", "CVE-2018-4270", "CVE-2018-4266", "CVE-2018-4272", "CVE-2018-4264", "CVE-2018-4261", "CVE-2018-4277", "CVE-2018-4290", "CVE-2018-4267", "CVE-2018-4273", "CVE-2018-4248", "CVE-2018-4271", "CVE-2018-4278", "CVE-2018-4263", "CVE-2018-4274", "CVE-2018-4216", "CVE-2018-4284", "CVE-2018-4293", "CVE-2018-4280", "CVE-2018-4260", "CVE-2018-4265", "CVE-2018-4262"], "modified": "2018-11-17T12:38:42", "id": "APPLE:HT208938", "href": "https://support.apple.com/kb/HT208938", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:44:09", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan\n\nReleased July 9, 2018\n\n**Accounts**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: A malicious application may be able to access local users AppleIDs\n\nDescription: A privacy issue in the handling of Open Directory records was addressed with improved indexing.\n\nCVE-2018-4470: Jacob Greenfield of Commonwealth School\n\nEntry added December 10, 2018\n\n**AMD**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: An information disclosure issue was addressed by removing the vulnerable code.\n\nCVE-2018-4289: shrek_wzw of Qihoo 360 Nirvan Team\n\n**APFS**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4268: Mac working with Trend Micro's Zero Day Initiative\n\n**ATS**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2018-4285: Mohamed Ghannam (@_simo36)\n\n**Bluetooth**\n\nAvailable for: MacBook Pro (15-inch, 2018) and MacBook Pro (13-inch, 2018, Four Thunderbolt 3 Ports) \nOther Mac models were addressed with [macOS High Sierra 10.13.5](<https://support.apple.com/kb/HT208849>).\n\nImpact: An attacker in a privileged network position may be able to intercept Bluetooth traffic\n\nDescription: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.\n\nCVE-2018-5383: Lior Neumann and Eli Biham\n\nEntry added July 23, 2018\n\n**CFNetwork**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: Cookies may unexpectedly persist in Safari\n\nDescription: A cookie management issue was addressed with improved checks.\n\nCVE-2018-4293: an anonymous researcher\n\n**CoreCrypto**\n\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2018-4269: Abraham Masri (@cheesecakeufo)\n\n**CUPS**\n\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.5\n\nImpact: An attacker in a privileged position may be able to perform a denial of service attack\n\nDescription: A null pointer dereference was addressed with improved validation.\n\nCVE-2018-4276: Jakub Jirasek of Secunia Research at Flexera\n\nEntry added September 25, 2018\n\n**DesktopServices**\n\nAvailable for: macOS Sierra 10.12.6\n\nImpact: A local user may be able to view sensitive user information\n\nDescription: A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation.\n\nCVE-2018-4178: Arjen Hendrikse\n\n**Intel Graphics Driver**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2018-4456: Tyler Bohan of Cisco Talos\n\nEntry updated January 22, 2019\n\n**IOGraphics**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: A local user may be able to read kernel memory\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2018-4283: @panicaII working with Trend Micro's Zero Day Initiative\n\n**Kernel**\n\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.5\n\nImpact: Systems using Intel\u00ae Core-based microprocessors may potentially allow a local process to infer data utilizing Lazy FP state restore from another process through a speculative execution side channel\n\nDescription: Lazy FP state restore instead of eager save and restore of the state upon a context switch. Lazy restored states are potentially vulnerable to exploits where one process may infer register values of other processes through a speculative execution side channel that infers their value.\n\nAn information disclosure issue was addressed with FP/SIMD register state sanitization.\n\nCVE-2018-3665: Julian Stecklina of Amazon Germany, Thomas Prescher of Cyberus Technology GmbH (cyberus-technology.de), Zdenek Sojka of SYSGO AG (sysgo.com), and Colin Percival\n\n**Kernel**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2018-4259: Kevin Backhouse of Semmle and LGTM.com\n\nCVE-2018-4286: Kevin Backhouse of Semmle and LGTM.com\n\nCVE-2018-4287: Kevin Backhouse of Semmle and LGTM.com\n\nCVE-2018-4288: Kevin Backhouse of Semmle and LGTM.com\n\nCVE-2018-4291: Kevin Backhouse of Semmle and LGTM.com\n\nEntry added October 30, 2018\n\n**libxpc**\n\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.5\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4280: Brandon Azad\n\n**libxpc**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2018-4248: Brandon Azad\n\n**LinkPresentation**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.\n\nCVE-2018-4277: xisigr of Tencent's Xuanwu Lab (tencent.com)\n\n**Perl**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: Multiple buffer overflow issues existed in Perl\n\nDescription: Multiple issues in Perl were addressed with improved memory handling.\n\nCVE-2018-6797: Brian Carpenter\n\nCVE-2018-6913: GwanYeong Kim\n\nEntry added October 30, 2018\n\n**Ruby**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: Multiple issues in Ruby were addressed in this update.\n\nCVE-2017-0898\n\nCVE-2017-10784\n\nCVE-2017-14033\n\nCVE-2017-14064\n\nCVE-2017-17405\n\nCVE-2017-17742\n\nCVE-2018-6914\n\nCVE-2018-8777\n\nCVE-2018-8778\n\nCVE-2018-8779\n\nCVE-2018-8780\n\nEntry added October 30, 2018\n\n**WebKit**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.\n\nCVE-2018-4274: Tomasz Bojarski\n\nEntry added July 28, 2020\n\n\n\n## Additional recognition\n\n**App Store**\n\nWe would like to acknowledge Jesse Endahl &amp; Stevie Hryciw of Fleetsmith, and Max B\u00e9langer of Dropbox for their assistance.\n\nEntry added August 8, 2018\n\n**Help Viewer**\n\nWe would like to acknowledge Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance with four mitigations.\n\n**Kernel**\n\nWe would like to acknowledge juwei lin (@panicaII) of Trend Micro working with Trend Micro\u2019s Zero Day Initiative for their assistance.\n\n**Security**\n\nWe would like to acknowledge Brad Dahlsten of Iowa State University for their assistance.\n", "edition": 4, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-07-28T05:29:11", "title": "About the security content of macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0898", "CVE-2017-17405", "CVE-2018-4288", "CVE-2018-8778", "CVE-2017-17742", "CVE-2017-10784", "CVE-2018-8780", "CVE-2018-4286", "CVE-2018-4287", "CVE-2018-6913", "CVE-2018-4276", "CVE-2018-4259", "CVE-2017-14033", "CVE-2018-6797", "CVE-2018-4283", "CVE-2018-4285", "CVE-2018-4277", "CVE-2018-4248", "CVE-2018-3665", "CVE-2018-4269", "CVE-2018-4289", "CVE-2018-8777", "CVE-2018-4268", "CVE-2018-4274", "CVE-2018-4293", "CVE-2017-14064", "CVE-2018-4470", "CVE-2018-4280", "CVE-2018-5383", "CVE-2018-4456", "CVE-2018-8779", "CVE-2018-4178", "CVE-2018-4291", "CVE-2018-6914"], "modified": "2020-07-28T05:29:11", "id": "APPLE:HT208937", "href": "https://support.apple.com/kb/HT208937", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-14T04:14:29", "description": "# About the security content of macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan\n\nThis document describes the security content of macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan.\n\n## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page. You can encrypt communications with Apple using the [Apple Product Security PGP Key](<https://support.apple.com/kb/HT201601>).\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\n\n\n## macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan\n\nReleased July 9, 2018\n\n**Accounts**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: A malicious application may be able to access local users AppleIDs\n\nDescription: A privacy issue in the handling of Open Directory records was addressed with improved indexing.\n\nCVE-2018-4470: Jacob Greenfield of Commonwealth School\n\nEntry added December 10, 2018\n\n**AMD**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: An information disclosure issue was addressed by removing the vulnerable code.\n\nCVE-2018-4289: shrek_wzw of Qihoo 360 Nirvan Team\n\n**APFS**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4268: Mac working with Trend Micro's Zero Day Initiative\n\n**ATS**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: A malicious application may be able to gain root privileges\n\nDescription: A type confusion issue was addressed with improved memory handling.\n\nCVE-2018-4285: Mohamed Ghannam (@_simo36)\n\n**Bluetooth**\n\nAvailable for: MacBook Pro (15-inch, 2018) and MacBook Pro (13-inch, 2018, Four Thunderbolt 3 Ports) \nOther Mac models were addressed with [macOS High Sierra 10.13.5](<https://support.apple.com/kb/HT208849>).\n\nImpact: An attacker in a privileged network position may be able to intercept Bluetooth traffic\n\nDescription: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.\n\nCVE-2018-5383: Lior Neumann and Eli Biham\n\nEntry added July 23, 2018\n\n**CFNetwork**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: Cookies may unexpectedly persist in Safari\n\nDescription: A cookie management issue was addressed with improved checks.\n\nCVE-2018-4293: an anonymous researcher\n\n**CoreCrypto**\n\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2018-4269: Abraham Masri (@cheesecakeufo)\n\n**CUPS**\n\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.5\n\nImpact: An attacker in a privileged position may be able to perform a denial of service attack\n\nDescription: A null pointer dereference was addressed with improved validation.\n\nCVE-2018-4276: Jakub Jirasek of Secunia Research at Flexera\n\nEntry added September 25, 2018\n\n**DesktopServices**\n\nAvailable for: macOS Sierra 10.12.6\n\nImpact: A local user may be able to view sensitive user information\n\nDescription: A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation.\n\nCVE-2018-4178: Arjen Hendrikse\n\n**Intel Graphics Driver**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2018-4456: Tyler Bohan of Cisco Talos\n\nEntry updated January 22, 2019\n\n**IOGraphics**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: A local user may be able to read kernel memory\n\nDescription: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.\n\nCVE-2018-4283: @panicaII working with Trend Micro's Zero Day Initiative\n\n**Kernel**\n\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.5\n\nImpact: Systems using Intel\u00ae Core-based microprocessors may potentially allow a local process to infer data utilizing Lazy FP state restore from another process through a speculative execution side channel\n\nDescription: Lazy FP state restore instead of eager save and restore of the state upon a context switch. Lazy restored states are potentially vulnerable to exploits where one process may infer register values of other processes through a speculative execution side channel that infers their value.\n\nAn information disclosure issue was addressed with FP/SIMD register state sanitization.\n\nCVE-2018-3665: Julian Stecklina of Amazon Germany, Thomas Prescher of Cyberus Technology GmbH (cyberus-technology.de), Zdenek Sojka of SYSGO AG (sysgo.com), and Colin Percival\n\n**Kernel**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2018-4259: Kevin Backhouse of Semmle and LGTM.com\n\nCVE-2018-4286: Kevin Backhouse of Semmle and LGTM.com\n\nCVE-2018-4287: Kevin Backhouse of Semmle and LGTM.com\n\nCVE-2018-4288: Kevin Backhouse of Semmle and LGTM.com\n\nCVE-2018-4291: Kevin Backhouse of Semmle and LGTM.com\n\nEntry added October 30, 2018\n\n**libxpc**\n\nAvailable for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.5\n\nImpact: An application may be able to gain elevated privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2018-4280: Brandon Azad\n\n**libxpc**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: A malicious application may be able to read restricted memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2018-4248: Brandon Azad\n\n**LinkPresentation**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.\n\nCVE-2018-4277: xisigr of Tencent's Xuanwu Lab (tencent.com)\n\n**Perl**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: Multiple buffer overflow issues existed in Perl\n\nDescription: Multiple issues in Perl were addressed with improved memory handling.\n\nCVE-2018-6797: Brian Carpenter\n\nCVE-2018-6913: GwanYeong Kim\n\nEntry added October 30, 2018\n\n**Ruby**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: Multiple issues in Ruby were addressed in this update.\n\nCVE-2017-0898\n\nCVE-2017-10784\n\nCVE-2017-14033\n\nCVE-2017-14064\n\nCVE-2017-17405\n\nCVE-2017-17742\n\nCVE-2018-6914\n\nCVE-2018-8777\n\nCVE-2018-8778\n\nCVE-2018-8779\n\nCVE-2018-8780\n\nEntry added October 30, 2018\n\n**WebKit**\n\nAvailable for: macOS High Sierra 10.13.5\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.\n\nCVE-2018-4274: Tomasz Bojarski\n\nEntry added July 28, 2020\n\n\n\n## Additional recognition\n\n**App Store**\n\nWe would like to acknowledge Jesse Endahl &amp; Stevie Hryciw of Fleetsmith, and Max B\u00e9langer of Dropbox for their assistance.\n\nEntry added August 8, 2018\n\n**Help Viewer**\n\nWe would like to acknowledge Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance with four mitigations.\n\n**Kernel**\n\nWe would like to acknowledge juwei lin (@panicaII) of Trend Micro working with Trend Micro\u2019s Zero Day Initiative for their assistance.\n\n**Security**\n\nWe would like to acknowledge Brad Dahlsten of Iowa State University for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](<http://support.apple.com/kb/HT2693>) for additional information.\n\nPublished Date: July 28, 2020\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-07-09T00:00:00", "type": "apple", "title": "About the security content of macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0898", "CVE-2017-10784", "CVE-2017-14033", "CVE-2017-14064", "CVE-2017-17405", "CVE-2017-17742", "CVE-2018-3665", "CVE-2018-4178", "CVE-2018-4248", "CVE-2018-4259", "CVE-2018-4268", "CVE-2018-4269", "CVE-2018-4274", "CVE-2018-4276", "CVE-2018-4277", "CVE-2018-4280", "CVE-2018-4283", "CVE-2018-4285", "CVE-2018-4286", "CVE-2018-4287", "CVE-2018-4288", "CVE-2018-4289", "CVE-2018-4291", "CVE-2018-4293", "CVE-2018-4456", "CVE-2018-4470", "CVE-2018-5383", "CVE-2018-6797", "CVE-2018-6913", "CVE-2018-6914", "CVE-2018-8777", "CVE-2018-8778", "CVE-2018-8779", "CVE-2018-8780"], "modified": "2018-07-09T00:00:00", "id": "APPLE:CCBE145FF9FF633165B1339D00B64FBE", "href": "https://support.apple.com/kb/HT208937", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}