Sign-up

ID

VAR-201904-1372


CVE

CVE-2018-4412


TITLE

plural Apple Memory corruption vulnerability in products

Trust: 0.8

sources: JVNDB: JVNDB-2018-014890

DESCRIPTION

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7. Apple From macOS An update for has been released.The potential impact depends on each vulnerability, but may be affected as follows: * Arbitrary code execution * information leak * Access restriction bypass. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. macOS High Sierra is its next generation. CoreFoundation is one of the C language application programming interface (API) components. A security vulnerability exists in the CoreFoundation component of Apple macOS Sierra version 10.12.6 and macOS High Sierra version 10.13.6. An attacker could exploit this vulnerability with a malicious application to elevate privileges (memory corruption). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-13 Additional information for APPLE-SA-2018-9-24-2 iTunes 12.9 for Windows iTunes 12.9 for Windows addresses the following: CFNetwork Available for: Windows 7 and later Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4126: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative Entry added October 30, 2018 CoreFoundation Available for: Windows 7 and later Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4412: The UK's National Cyber Security Centre (NCSC) Entry added October 30, 2018 CoreFoundation Available for: Windows 7 and later Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4414: The UK's National Cyber Security Centre (NCSC) Entry added October 30, 2018 CoreText Available for: Windows 7 and later Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2018-4347: an anonymous researcher Entry added October 30, 2018 WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2018-4197: Ivan Fratric of Google Project Zero CVE-2018-4306: Ivan Fratric of Google Project Zero CVE-2018-4312: Ivan Fratric of Google Project Zero CVE-2018-4314: Ivan Fratric of Google Project Zero CVE-2018-4315: Ivan Fratric of Google Project Zero CVE-2018-4317: Ivan Fratric of Google Project Zero CVE-2018-4318: Ivan Fratric of Google Project Zero WebKit Available for: Windows 7 and later Impact: A malicious website may exfiltrate image data cross-origin Description: A cross-site scripting issue existed in Safari. CVE-2018-4191: found by OSS-Fuzz WebKit Available for: Windows 7 and later Impact: Cross-origin SecurityErrors includes the accessed frame's origin Description: The issue was addressed by removing origin information. CVE-2018-4311: Erling Alf Ellingsen (@steike) WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2018-4316: crixer, Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4299: Samuel GroI2 (saelo) working with Trend Micro's Zero Day Initiative CVE-2018-4323: Ivan Fratric of Google Project Zero CVE-2018-4328: Ivan Fratric of Google Project Zero CVE-2018-4358: @phoenhex team (@bkth_ @5aelo @_niklasb) working with Trend Micro's Zero Day Initiative CVE-2018-4359: Samuel GroA (@5aelo) CVE-2018-4360: William Bowling (@wcbowling) Entry added October 30, 2018 WebKit Available for: Windows 7 and later Impact: A malicious website may cause unexepected cross-origin behavior Description: A cross-origin issue existed with "iframe" elements. CVE-2018-4319: John Pettitt of Google WebKit Available for: Windows 7 and later Impact: A malicious website may be able to execute scripts in the context of another website Description: A cross-site scripting issue existed in Safari. CVE-2018-4309: an anonymous researcher working with Trend Micro's Zero Day Initiative WebKit Available for: Windows 7 and later Impact: Unexpected interaction causes an ASSERT failure Description: A memory consumption issue was addressed with improved memory handling. CVE-2018-4361: found by OSS-Fuzz Additional recognition SQLite We would like to acknowledge Andreas Kurtz (@aykay) of NESO Security Labs GmbH for their assistance. WebKit We would like to acknowledge Cary Hartline, Hanming Zhang from 360 Vuclan team, Tencent Keen Security Lab working with Trend Micro's Zero Day Initiative, and Zach Malone of CA Technologies for their assistance. Installation note: iTunes 12.9 for Windows may be obtained from: https://www.apple.com/itunes/download/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3H36BAA kOdio5aQDT6TT5y302gTD8IRudSct/JHVCjMbaEU4Q28RKb5yumU3j+x3QylMwx8 n60VkwST8bzxjffZa+ER8F+8+NdPdcWtyYPHauEOt/ICKWLmxXZr3JIXk1XIxwz2 I9Ca9kkO+q6lWSjYVk44ZnEplEj4UctE8FoDTCXOsaATcPOeNGZttxjHBZLEnMHg 7vcFaJ7fQQf3ECuZG7HLXWvelQCzOSR1dNXUeAXTPoVrKAEBRk7Z8/UlB/mRYntv 0GSaJZCIMO8r/TwS/+KWzHgtRREusR9Sk827yDVZoqL8q3mMprIoospOiHsezEnq RReMU2sNCc6mm2x28gnZrjQgxPL4abwV+z/P8oloOjnN3gydUnQXFM606z2ZCp2y GgjrnIjLtlri1rx1wLccqMPi2GZFmOcNvgPBBuHfWj5GpPjE6ILWXcy6cg+hfgD9 CCUMqJFTW3gclGjno5nfqq7yaxJaD+CniGNhFxZxhOVbTXzMQ7T24biUz+ulr0Ip Yi11Xlb+xUk9SGP0ioci9nsfV8MAKy4eb/JpDIXBkQL9LWzp4z+gYeoNUZOyK9pB Mr3Kn15K76ApsoBFkFNI2AXwvXFtda5no5jy7EarbefmyD1BA0W9Tfg1kJEmh1J5 cdFwOCALT9HHUn7bccDIPvQlVH/sgEjVkMRapHl72SE= =5IB1 -----END PGP SIGNATURE-----

Trust: 3.42

sources: NVD: CVE-2018-4412 // JVNDB: JVNDB-2018-014890 // JVNDB: JVNDB-2018-007762 // JVNDB: JVNDB-2018-008148 // VULHUB: VHN-134443 // VULMON: CVE-2018-4412 // PACKETSTORM: 150115 // PACKETSTORM: 150114

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:ltversion:10.14

Trust: 1.8

vendor:applemodel:icloudscope:ltversion:7.7

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:5.0

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:12.0

Trust: 1.0

vendor:applemodel:itunesscope:ltversion:12.9

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:12

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.12.6

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.13.6

Trust: 0.8

vendor:applemodel:icloudscope:ltversion:for windows 7.7 (windows 7 or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:12 (ipad air or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:12 (iphone 5s or later )

Trust: 0.8

vendor:applemodel:iosscope:ltversion:12 (ipod touch first 6 generation )

Trust: 0.8

vendor:applemodel:itunesscope:ltversion:for windows 12.9 (windows 7 or later )

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:12 (apple tv 4k)

Trust: 0.8

vendor:applemodel:tvosscope:ltversion:12 (apple tv first 4 generation )

Trust: 0.8

vendor:applemodel:watchosscope:ltversion:5 (apple watch series 1 or later )

Trust: 0.8

vendor:applemodel:macos mojavescope:ltversion:10.14 earlier

Trust: 0.8

vendor:applemodel:icloudscope:ltversion:7.7 earlier

Trust: 0.8

vendor:applemodel:iosscope:ltversion:12.0.1 earlier

Trust: 0.8

sources: JVNDB: JVNDB-2018-014890 // JVNDB: JVNDB-2018-007762 // JVNDB: JVNDB-2018-008148 // NVD: CVE-2018-4412

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-4412
value: HIGH

Trust: 1.0

NVD: CVE-2018-4412
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201810-1515
value: HIGH

Trust: 0.6

VULHUB: VHN-134443
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-4412
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-4412
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-134443
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-4412
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-134443 // VULMON: CVE-2018-4412 // JVNDB: JVNDB-2018-014890 // CNNVD: CNNVD-201810-1515 // NVD: CVE-2018-4412

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-134443 // JVNDB: JVNDB-2018-014890 // NVD: CVE-2018-4412

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201810-1515

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201810-1515

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-014890

PATCH
title:HT209141url:https://support.apple.com/en-us/HT209141
Trust: 1.6
title:HT209139url:https://support.apple.com/en-us/HT209139
Trust: 1.6
title:HT209140url:https://support.apple.com/en-us/HT209140
Trust: 0.8
title:HT209193url:https://support.apple.com/en-us/HT209193
Trust: 0.8
title:HT209106url:https://support.apple.com/en-us/HT209106
Trust: 0.8
title:HT209107url:https://support.apple.com/en-us/HT209107
Trust: 0.8
title:HT209108url:https://support.apple.com/en-us/HT209108
Trust: 0.8
title:HT209141url:https://support.apple.com/ja-jp/HT209141
Trust: 0.8
title:HT209193url:https://support.apple.com/ja-jp/HT209193
Trust: 0.8
title:HT209106url:https://support.apple.com/ja-jp/HT209106
Trust: 0.8
title:HT209107url:https://support.apple.com/ja-jp/HT209107
Trust: 0.8
title:HT209108url:https://support.apple.com/ja-jp/HT209108
Trust: 0.8
title:HT209139url:https://support.apple.com/ja-jp/HT209139
Trust: 0.8
title:HT209140url:https://support.apple.com/ja-jp/HT209140
Trust: 0.8
title:About the security content of iOS 12.0.1url:https://support.apple.com/en-us/HT209162
Trust: 0.8
title:Apple macOS CoreFoundation Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86493
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-014890 // 
            
            
            
            JVNDB: JVNDB-2018-007762 // 
            
            
            
            JVNDB: JVNDB-2018-008148 // 
            
            
            
            CNNVD: CNNVD-201810-1515

EXTERNAL IDS
db:NVDid:CVE-2018-4412
Trust: 2.8
db:JVNid:JVNVU99356481
Trust: 1.6
db:JVNid:JVNVU92800088
Trust: 1.6
db:JVNid:JVNVU93341447
Trust: 0.8
db:JVNDBid:JVNDB-2018-014890
Trust: 0.8
db:JVNDBid:JVNDB-2018-007762
Trust: 0.8
db:JVNDBid:JVNDB-2018-008148
Trust: 0.8
db:CNNVDid:CNNVD-201810-1515
Trust: 0.6
db:VULHUBid:VHN-134443
Trust: 0.1
db:VULMONid:CVE-2018-4412
Trust: 0.1
db:PACKETSTORMid:150115
Trust: 0.1
db:PACKETSTORMid:150114
Trust: 0.1
sources:
            
            
            VULHUB: VHN-134443 // 
            
            
            
            VULMON: CVE-2018-4412 // 
            
            
            
            JVNDB: JVNDB-2018-014890 // 
            
            
            
            JVNDB: JVNDB-2018-007762 // 
            
            
            
            JVNDB: JVNDB-2018-008148 // 
            
            
            
            PACKETSTORM: 150115 // 
            
            
            
            PACKETSTORM: 150114 // 
            
            
            
            CNNVD: CNNVD-201810-1515 // 
            
            
            
            NVD: CVE-2018-4412

REFERENCES
url:https://support.apple.com/kb/ht209106
Trust: 1.8
url:https://support.apple.com/kb/ht209107
Trust: 1.8
url:https://support.apple.com/kb/ht209108
Trust: 1.8
url:https://support.apple.com/kb/ht209139
Trust: 1.8
url:https://support.apple.com/kb/ht209140
Trust: 1.8
url:https://support.apple.com/kb/ht209141
Trust: 1.8
url:https://support.apple.com/kb/ht209193
Trust: 1.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-4412
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4412
Trust: 0.8
url:https://jvn.jp/vu/jvnvu93341447/index.html
Trust: 0.8
url:https://jvn.jp/vu/jvnvu99356481/index.html
Trust: 0.8
url:https://jvn.jp/vu/jvnvu92800088/index.html
Trust: 0.8
url:https://jvn.jp/vu/jvnvu99356481/
Trust: 0.8
url:http://jvn.jp/cert/jvnvu92800088
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-4323
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4319
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4318
Trust: 0.2
url:https://support.apple.com/kb/ht201222
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4191
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4361
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4309
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4311
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4315
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4414
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4197
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4126
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4345
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4316
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4359
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4317
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4306
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4358
Trust: 0.2
url:https://www.apple.com/support/security/pgp/
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4312
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4328
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4314
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4360
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4299
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-4347
Trust: 0.2
url:https://cwe.mitre.org/data/definitions/119.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:http://seclists.org/fulldisclosure/2018/nov/19
Trust: 0.1
url:https://support.apple.com/ht204283
Trust: 0.1
url:https://www.apple.com/itunes/download/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-134443 // 
            
            
            
            VULMON: CVE-2018-4412 // 
            
            
            
            JVNDB: JVNDB-2018-014890 // 
            
            
            
            JVNDB: JVNDB-2018-007762 // 
            
            
            
            JVNDB: JVNDB-2018-008148 // 
            
            
            
            PACKETSTORM: 150115 // 
            
            
            
            PACKETSTORM: 150114 // 
            
            
            
            CNNVD: CNNVD-201810-1515 // 
            
            
            
            NVD: CVE-2018-4412

CREDITS
The UK's National Cyber Security Centre (NCSC)
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201810-1515

SOURCES
db:VULHUBid:VHN-134443
db:VULMONid:CVE-2018-4412
db:JVNDBid:JVNDB-2018-014890
db:JVNDBid:JVNDB-2018-007762
db:JVNDBid:JVNDB-2018-008148
db:PACKETSTORMid:150115
db:PACKETSTORMid:150114
db:CNNVDid:CNNVD-201810-1515
db:NVDid:CVE-2018-4412

LAST UPDATE DATE
2024-11-23T21:23:40.342000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-134443date:2019-04-08T00:00:00
db:VULMONid:CVE-2018-4412date:2019-04-08T00:00:00
db:JVNDBid:JVNDB-2018-014890date:2019-04-17T00:00:00
db:JVNDBid:JVNDB-2018-007762date:2018-09-26T00:00:00
db:JVNDBid:JVNDB-2018-008148date:2018-10-10T00:00:00
db:CNNVDid:CNNVD-201810-1515date:2019-04-10T00:00:00
db:NVDid:CVE-2018-4412date:2024-11-21T04:07:21.830

SOURCES RELEASE DATE
db:VULHUBid:VHN-134443date:2019-04-03T00:00:00
db:VULMONid:CVE-2018-4412date:2019-04-03T00:00:00
db:JVNDBid:JVNDB-2018-014890date:2019-04-17T00:00:00
db:JVNDBid:JVNDB-2018-007762date:2018-09-26T00:00:00
db:JVNDBid:JVNDB-2018-008148date:2018-10-10T00:00:00
db:PACKETSTORMid:150115date:2018-10-31T16:10:39
db:PACKETSTORMid:150114date:2018-10-31T16:10:29
db:CNNVDid:CNNVD-201810-1515date:2018-10-31T00:00:00
db:NVDid:CVE-2018-4412date:2019-04-03T18:29:14.033