Sign-up

ID

VAR-201904-1348


CVE

CVE-2018-4279


TITLE

Safari Spoofing vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-014834

DESCRIPTION

An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2. Safari Contains a spoofing vulnerability due to incomplete handling of state management.Information may be obtained. An attacker may exploit this vulnerability to spoof the originating URL of a trusted web site. This issue may allow a remote attacker to carry out phishing-style attacks. Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with MacOSX and iOS operating systems. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-7-9-5 Safari 11.1.2 Safari 11.1.2 is now available and addresses the following: Safari Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6 Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4279: Ruilin Yang, Xu Taoyu (xia0yu.win) WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6 Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4270: found by OSS-Fuzz WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6 Impact: A malicious website may exfiltrate audio data cross-origin Description: Sound fetched through audio elements may be exfiltrated cross-origin. CVE-2018-4278: Jun Kokatsu (@shhnjk) WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2018-4284: Found by OSS-Fuzz WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6 Impact: A malicious website may be able to cause a denial of service Description: A race condition was addressed with additional validation. CVE-2018-4266: found by OSS-Fuzz WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4261: Omair working with Trend Micro's Zero Day Initiative CVE-2018-4262: Mateusz Krzywicki working with Trend Micro's Zero Day Initiative CVE-2018-4263: Arayz working with Trend Micro's Zero Day Initiative CVE-2018-4264: found by OSS-Fuzz, Yu Zhou and Jundong Xie of Ant-financial Light-Year Security Lab CVE-2018-4265: cc working with Trend Micro's Zero Day Initiative CVE-2018-4267: Arayz of Pangu team working with Trend Micro's Zero Day Initiative CVE-2018-4272: found by OSS-Fuzz WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6 Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: Multiple memory corruption issues were addressed with improved input validation. CVE-2018-4271: found by OSS-Fuzz CVE-2018-4273: found by OSS-Fuzz WebKit Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6 Impact: Visiting a malicious website may lead to address bar spoofing Description: A spoofing issue existed in the handling of URLs. CVE-2018-4274: an anonymous researcher WebKit Page Loading Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.6 Impact: Visiting a malicious website may lead to address bar spoofing Description: An inconsistent user interface issue was addressed with improved state management. CVE-2018-4260: xisigr of Tencent's Xuanwu Lab (tencent.com) Installation note: Safari 11.1.2 may be obtained from the Mac App Store. Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEfcwwPWJ3e0Ig26mf8ecVjteJiCYFAltDyFMpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQ8ecVjteJiCZJ7xAA o2HCi+IV2AXcKkZ7RQiNr25U77qMoPg6t4lOd9YlRo8dD7m+aVYtL0TJxLyum3KO NjXhl/toW6Y1Y++iKfDLKtVtdX9eXTh2n4qDylPkknHCGiuYGk7VX1xh10EDvWLN uIHEBj/WF9+d7uAv2XrKzfyQ8rTzL960UUywBchO2HfVPk74x27+AVXzcb2Yu98m DkwtODwQtTtINqdMerdCuIGWM3BN1iwzxxX16c+hPuuDP7HTE77TNZrzz09FC4M9 ikMG8JvZmkBWEZaGnb/IRrRJWhZ+k1s33YNFc8wKt8wMsgGvV+l5Bndb7D2d3qQC BHyvokfiWLdVeUAdLpli7RcRgRZDYkaC/Y76VIaZH5frp/bAUm2mb3C6uAaQVR8+ 4f6r9go/gnkQzoNPZuqvzGsi6Nr+gl2B91SqgUdTF5fRw9zXFk7mgkcOYmzsj2uq ZdsRx+i0kkmzZYyffSNU8Y8PCHwnPj9a9D3UThJgAz7HKThI5fH5tbyxKV2wjlPb KBAWkgqMGkwWmsMNLpNJbABbK7TZhOGASb9776n2ZFOWS2u9KNbqNpALZFvaCA/0 uu9Y4aUPPPpz+/c87IviLC2HTUOOKmvhuIGWJF5sKVc8y83b7Loi/P5K90EwiF3i /7DbcAOdfMAEdgDygzzQSzRV97EQWYpLDr97VLCPGI4= =bv9B -----END PGP SIGNATURE-----

Trust: 2.07

sources: NVD: CVE-2018-4279 // JVNDB: JVNDB-2018-014834 // BID: 104749 // VULHUB: VHN-134310 // PACKETSTORM: 148469

AFFECTED PRODUCTS

vendor:applemodel:safariscope:ltversion:11.1.2

Trust: 1.0

vendor:applemodel:safariscope:ltversion:11.1.2 (macos high sierra 10.13.6)

Trust: 0.8

vendor:applemodel:safariscope:ltversion:11.1.2 (macos sierra 10.12.6)

Trust: 0.8

vendor:applemodel:safariscope:ltversion:11.1.2 (os x el capitan 10.11.6)

Trust: 0.8

vendor:applemodel:safariscope:eqversion:10.1.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:10.0.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:9.1.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:9.1.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:9.1.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:9.0.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:9.0.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:9.0.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:8.0.8

Trust: 0.3

vendor:applemodel:safariscope:eqversion:8.0.6

Trust: 0.3

vendor:applemodel:safariscope:eqversion:8.0.5

Trust: 0.3

vendor:applemodel:safariscope:eqversion:8.0.4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:8.0.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:7.1.8

Trust: 0.3

vendor:applemodel:safariscope:eqversion:7.1.6

Trust: 0.3

vendor:applemodel:safariscope:eqversion:7.1.5

Trust: 0.3

vendor:applemodel:safariscope:eqversion:7.1.4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:7.1.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:7.0.6

Trust: 0.3

vendor:applemodel:safariscope:eqversion:7.0.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:7.0.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.2.8

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.2.6

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.2.5

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.2.4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.2.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.1.6

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.1.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.1.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.0.5

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.0.4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.0.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.0.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.0.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.1.10

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.1.6

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.1.5

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.6

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0.5

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0.4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.2.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.1.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.1.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:2.0.4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:2.0.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:2.0.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:2.0.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.3.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.3.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.2.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.2.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.2.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:1.0

Trust: 0.3

vendor:applemodel:safariscope:eqversion:9.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:9

Trust: 0.3

vendor:applemodel:safariscope:eqversion:8.0.7

Trust: 0.3

vendor:applemodel:safariscope:eqversion:8.0.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:8.0.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:8.0

Trust: 0.3

vendor:applemodel:safariscope:eqversion:7.1.7

Trust: 0.3

vendor:applemodel:safariscope:eqversion:7.1.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:7.1.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:7.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:7.0.5

Trust: 0.3

vendor:applemodel:safariscope:eqversion:7.0.4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:7.0.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.2.7

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.2.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.2.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.1.5

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.1.4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.1.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:6.0

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.34

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.33

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.31

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.1.7

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.1.4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.1.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.1.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.1.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.5

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:5.0

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.31

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.30

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.28

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.1.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.1.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.1.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4.0

Trust: 0.3

vendor:applemodel:safariscope:eqversion:4

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.52

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:10.1.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:10.1

Trust: 0.3

vendor:applemodel:safariscope:eqversion:10.0.3

Trust: 0.3

vendor:applemodel:safariscope:eqversion:10.0.2

Trust: 0.3

vendor:applemodel:safariscope:eqversion:10

Trust: 0.3

vendor:applemodel:macosscope:eqversion:10.13.6

Trust: 0.3

vendor:applemodel:macosscope:eqversion:10.12.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.11.6

Trust: 0.3

vendor:applemodel:safariscope:neversion:11.1.2

Trust: 0.3

sources: BID: 104749 // JVNDB: JVNDB-2018-014834 // NVD: CVE-2018-4279

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-4279
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-4279
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201807-2000
value: MEDIUM

Trust: 0.6

VULHUB: VHN-134310
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-4279
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-134310
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-4279
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-134310 // JVNDB: JVNDB-2018-014834 // CNNVD: CNNVD-201807-2000 // NVD: CVE-2018-4279

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-134310 // JVNDB: JVNDB-2018-014834 // NVD: CVE-2018-4279

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201807-2000

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201807-2000

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-014834

PATCH
title:HT208934url:https://support.apple.com/en-us/HT208934
Trust: 0.8
title:HT208934url:https://support.apple.com/ja-jp/HT208934
Trust: 0.8
title:Apple Safari Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=82728
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-014834 // 
            
            
            
            CNNVD: CNNVD-201807-2000

EXTERNAL IDS
db:NVDid:CVE-2018-4279
Trust: 2.9
db:JVNid:JVNVU93082496
Trust: 0.8
db:JVNDBid:JVNDB-2018-014834
Trust: 0.8
db:CNNVDid:CNNVD-201807-2000
Trust: 0.7
db:BIDid:104749
Trust: 0.4
db:VULHUBid:VHN-134310
Trust: 0.1
db:PACKETSTORMid:148469
Trust: 0.1
sources:
            
            
            VULHUB: VHN-134310 // 
            
            
            
            BID: 104749 // 
            
            
            
            JVNDB: JVNDB-2018-014834 // 
            
            
            
            PACKETSTORM: 148469 // 
            
            
            
            CNNVD: CNNVD-201807-2000 // 
            
            
            
            NVD: CVE-2018-4279

REFERENCES
url:https://support.apple.com/kb/ht208934
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2018-4279
Trust: 1.5
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4279
Trust: 0.8
url:https://jvn.jp/vu/jvnvu93082496/index.html
Trust: 0.8
url:http://www.apple.com/safari/
Trust: 0.3
url:https://support.apple.com/en-us/ht201222
Trust: 0.3
url:https://lists.apple.com/archives/security-announce/2018/jul/msg00004.html
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2018-4265
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-4260
Trust: 0.1
url:https://support.apple.com/kb/ht201222
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-4267
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-4264
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-4271
Trust: 0.1
url:https://www.apple.com/support/security/pgp/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-4272
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-4274
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-4278
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-4262
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-4261
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-4266
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-4273
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-4263
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-4284
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-4270
Trust: 0.1
sources:
            
            
            VULHUB: VHN-134310 // 
            
            
            
            BID: 104749 // 
            
            
            
            JVNDB: JVNDB-2018-014834 // 
            
            
            
            PACKETSTORM: 148469 // 
            
            
            
            CNNVD: CNNVD-201807-2000 // 
            
            
            
            NVD: CVE-2018-4279

CREDITS
Ruilin Yang, Xu Taoyu (xia0yu.win)
Trust: 0.9
sources:
            
            
            BID: 104749 // 
            
            
            
            CNNVD: CNNVD-201807-2000

SOURCES
db:VULHUBid:VHN-134310
db:BIDid:104749
db:JVNDBid:JVNDB-2018-014834
db:PACKETSTORMid:148469
db:CNNVDid:CNNVD-201807-2000
db:NVDid:CVE-2018-4279

LAST UPDATE DATE
2024-11-23T21:08:33.512000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-134310date:2019-04-04T00:00:00
db:BIDid:104749date:2018-07-09T00:00:00
db:JVNDBid:JVNDB-2018-014834date:2019-04-16T00:00:00
db:CNNVDid:CNNVD-201807-2000date:2019-04-08T00:00:00
db:NVDid:CVE-2018-4279date:2024-11-21T04:07:06.857

SOURCES RELEASE DATE
db:VULHUBid:VHN-134310date:2019-04-03T00:00:00
db:BIDid:104749date:2018-07-09T00:00:00
db:JVNDBid:JVNDB-2018-014834date:2019-04-16T00:00:00
db:PACKETSTORMid:148469date:2018-07-09T21:11:11
db:CNNVDid:CNNVD-201807-2000date:2018-07-31T00:00:00
db:NVDid:CVE-2018-4279date:2019-04-03T18:29:05.033