Lucene search

PRIOn knowledge basePRION:CVE-2018-4142

HistoryApr 03, 2018 - 6:29 a.m.

Design/Logic Flaw

2018-04-0306:29:00

PRIOn knowledge base

www.prio-n.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.3 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.023 Low

EPSS

Percentile

89.5%

JSON

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the “CoreText” component. It allows remote attackers to cause a denial of service (application crash) via a crafted string.

CPENameOperatorVersion
iphone_oslt11.3
mac_os_xlt10.13.4
tvoslt11.3
watchoslt4.3

Name	Operator	Version
iphone_os	lt	11.3
mac_os_x	lt	10.13.4
tvos	lt	11.3
watchos	lt	4.3

References

www.securitytracker.com/id/1040604

www.securitytracker.com/id/1040608

support.apple.com/HT208692

support.apple.com/HT208693

support.apple.com/HT208696

support.apple.com/HT208698

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.3 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.023 Low

EPSS

Percentile

89.5%

JSON

Related for PRION:CVE-2018-4142