16 matches found
Apple Safari Browser Memory Corruption (CVE-2018-4441)
A memory corruption vulnerability exists in Apple Safari. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
DEBIAN-CVE-2018-4441
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9...
CVE-2018-4441
CVE-2018-4441 is a memory corruption issue reported in WebKit/Safari components, affecting Apple platforms prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, and iCloud for Windows 7.9. The public Apple advisories document a memory handling improvement as t...
openSUSE Security Update : webkit2gtk3 (openSUSE-2019-308)
This update for webkit2gtk3 to version 2.22.6 fixes the following issues boo1124937 boo1119558 : Security vulnerabilities fixed : - CVE-2018-4437: Processing maliciously crafted web content may lead to arbitrary code execution. Multiple memory corruption issues were addressed with improved memory...
openSUSE: Security Advisory for webkit2gtk3 (openSUSE-SU-2019:0308-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Sony Playstation 4 (PS4) 6.20 - WebKit Code Execution (PoC)
Sony Playstation 4 PS4 6.20 - WebKit Code Execution PoC PS4 6.20 WebKit Code Execution PoC ============== This repo contains a proof-of-concept PoC RCE exploit targeting the PlayStation 4 on firmware 6.20 leveraging CVE-2018-4441. The exploit first establishes an arbitrary read/write primitive as...
Sony Playstation 4 (PS4) < 6.20 - WebKit Code Execution (PoC)
PS4 6.20 WebKit Code Execution PoC ============== This repo contains a proof-of-concept PoC RCE exploit targeting the PlayStation 4 on firmware 6.20 leveraging CVE-2018-4441. The exploit first establishes an arbitrary read/write primitive as well as an arbitrary object address leak in wkexploit.j...
Security update for webkit2gtk3 (important)
openSUSE Security Update: Security update for webkit2gtk3 Announcement ID: openSUSE-SU-2019:0108-1 Rating: important References: 1119553 1119554 1119555 1119556 1119557 1119558 Cross-References: CVE-2018-4437 CVE-2018-4438 CVE-2018-4441 CVE-2018-4442 CVE-2018-4443 CVE-2018-4464 Affected Products:...
SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2019:0146-1)
This update for webkit2gtk3 to version 2.22.5 fixes the following issues : Security issues fixed : CVE-2018-4438: Fixed a logic issue which lead to memory corruption bsc1119554 CVE-2018-4437, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464: Fixed multiple memory corruption issues with...
SUSE-SU-2019:0146-1 Security update for webkit2gtk3
This update for webkit2gtk3 to version 2.22.5 fixes the following issues: Security issues fixed: - CVE-2018-4438: Fixed a logic issue which lead to memory corruption bsc1119554 - CVE-2018-4437, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464: Fixed multiple memory corruption issues wit...
SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2019:0092-1)
This update for webkit2gtk3 to version 2.22.5 fixes the following issues : Security issues fixed : CVE-2018-4372, CVE-2018-4345, CVE-2018-4386, CVE-2018-4375, CVE-2018-4376, CVE-2018-4378, CVE-2018-4382, CVE-2018-4392, CVE-2018-4416, CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306,...
CVE-2018-4441
creationtimestamp| type| source ---|---|--- 2019-01-02 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46072 2019-03-09 15:42:25+00:00| published-proof-of-concept| https://t.me/antichat/3906 2019-03-10 14:54:45+00:00| published-proof-of-concept| https://t.me/antichat/3910 2019-03-1...
WebKit JSC JSArray::shiftCountWithArrayStorage Out-Of-Band Read / Write Exploit
WebKit: JSC: A bug in JSArray::shiftCountWithArrayStorage CVE-2018-4441 bool JSArray::shiftCountWithArrayStorageVM& vm, unsigned startIndex, unsigned count, ArrayStorage storage unsigned oldLength = storage-length; RELEASEASSERTcount hasHoles && this-structurevm-holesMustForwardToPrototypevm, thi...
WebKit JSC JSArray::shiftCountWithArrayStorage Out-Of-Band Read / Write
WebKit: JSC: A bug in JSArray::shiftCountWithArrayStorage CVE-2018-4441 bool JSArray::shiftCountWithArrayStorageVM& vm, unsigned startIndex, unsigned count, ArrayStorage storage unsigned oldLength = storage-length; RELEASEASSERTcount hasHoles && this-structurevm-holesMustForwardToPrototypevm, thi...
Apple iTunes < 12.9.2 Multiple Vulnerabilities (credentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.9.2. It is, therefore, affected by multiple vulnerabilities as referenced in the HT209345 advisory. - Visiting a malicious website may lead to address bar spoofing CVE-2018-4440 - Visiting a malicious website may lead...
KLA11384 Multiple vulnerabilities in Apple iTunes
Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities can be exploited remotely to spoof user interface; 2. Multiple memory...