Lucene search
Lilang wumoony Li of Trend MicroZDI-18-1327HistoryOct 30, 2018 - 12:00 a.m.
Apple macOS libATSServer Heap-based Buffer Overflow Privilege Escalation Vulnerability
2018-10-3000:00:00
lilang wumoony Li of Trend Micro
www.zerodayinitiative.com
12
EPSS
0.001
Percentile
34.8%
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the FODBWriteToAnnex method. The issue lies in the failure to properly validate the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current user.
References
Related
nvd
nvd
CVE-2018-4411
2019-04-03 18:29:13
cve
cve
CVE-2018-4411
2019-04-03 18:29:13
cvelist
cvelist
CVE-2018-4411
2019-04-03 17:43:18
prion
prion
Memory corruption
2019-04-03 18:29:00
openvas
openvas
Apple Mac OS X Security Updates (HT209193)-06
2018-11-02 00:00:00
Apple Mac OS X Security Update (HT209139)
2022-08-04 00:00:00
nessus
nessus
macOS 10.13.6 Multiple Vulnerabilities (Security Update 2018-002)
2018-10-31 00:00:00
macOS < 10.14 Multiple Vulnerabilities
2018-10-18 00:00:00
macOS and Mac OS X Multiple Vulnerabilities (Security Update 2018-005)
2018-10-31 00:00:00
apple
apple
About the security content of macOS Mojave 10.14 - Apple Support
2020-02-04 05:12:57
About the security content of macOS Mojave 10.14
2018-09-24 00:00:00