Details of VAR-201904-1419

ID

VAR-201904-1419

CVE

CVE-2018-4328

TITLE

plural Apple Memory corruption vulnerability in products

Trust: 0.8

sources: JVNDB: JVNDB-2018-014885

DESCRIPTION

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. plural Apple The product has a memory corruption vulnerability due to incomplete memory handling.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * Service operation interruption (DoS) * Arbitrary code execution * Script execution * information leak * Access restriction avoidance. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. tvOS is a smart TV operating system. Safari is a web browser developed as the default browser included with MacOSX and iOS operating systems. WebKit is one of the web browser engine components. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-11 Additional information for APPLE-SA-2018-9-24-6 tvOS 12 tvOS 12 addresses the following: Auto Unlock Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to access local users AppleIDs Description: A validation issue existed in the entitlement verification. CVE-2018-4321: Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. Bluetooth Available for: Apple TV (4th generation) Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: An input validation issue existed in Bluetooth. CVE-2018-5383: Lior Neumann and Eli Biham CFNetwork Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4126: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative Entry added October 30, 2018 CoreFoundation Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4412: The UK's National Cyber Security Centre (NCSC) Entry added October 30, 2018 CoreFoundation Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4414: The UK's National Cyber Security Centre (NCSC) Entry added October 30, 2018 CoreText Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2018-4347: an anonymous researcher Entry added October 30, 2018 Grand Central Dispatch Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4426: Brandon Azad Entry added October 30, 2018 Heimdal Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4331: Brandon Azad CVE-2018-4332: Brandon Azad CVE-2018-4343: Brandon Azad Entry added October 30, 2018 IOHIDFamily Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation CVE-2018-4408: Ian Beer of Google Project Zero Entry added October 30, 2018 IOKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to break out of its sandbox Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4341: Ian Beer of Google Project Zero CVE-2018-4354: Ian Beer of Google Project Zero Entry added October 30, 2018 IOKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2018-4383: Apple Entry added October 30, 2018 IOUserEthernet Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4401: Apple Entry added October 30, 2018 iTunes Store Available for: Apple TV 4K and Apple TV (4th generation) Impact: An attacker in a privileged network position may be able to spoof password prompts in the iTunes Store Description: An input validation issue was addressed with improved input validation. CVE-2018-4305: Jerry Decime Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to leak sensitive user information Description: An access issue existed with privileged API calls. CVE-2018-4399: Fabiano Anemone (@anoane) Entry added October 30, 2018 Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to read restricted memory Description: An input validation issue existed in the kernel. CVE-2018-4363: Ian Beer of Google Project Zero Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: A memory corruption issue was addressed with improved validation. CVE-2018-4407: Kevin Backhouse of Semmle Ltd. Entry added October 30, 2018 Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4336: Brandon Azad CVE-2018-4337: Ian Beer of Google Project Zero CVE-2018-4340: Mohamed Ghannam (@_simo36) CVE-2018-4344: The UK's National Cyber Security Centre (NCSC) CVE-2018-4425: cc working with Trend Micro's Zero Day Initiative, Juwei Lin (@panicaII) of Trend Micro working with Trend Micro's Zero Day Initiative Entry added October 30, 2018 Safari Available for: Apple TV 4K and Apple TV (4th generation) Impact: A local user may be able to discover websites a user has visited Description: A consistency issue existed in the handling of application snapshots. CVE-2018-4313: 11 anonymous researchers, David Scott, Enes Mert Ulu of Abdullah MA1/4rAide AzA1/4nenek Anadolu Lisesi - Ankara/TA1/4rkiye, Mehmet Ferit DaAtan of Van YA1/4zA1/4ncA1/4 YA+-l University, Metin Altug Karakaya of Kaliptus Medical Organization, Vinodh Swami of Western Governor's University (WGU) Security Available for: Apple TV 4K and Apple TV (4th generation) Impact: A local user may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2018-4395: Patrick Wardle of Digita Security Entry added October 30, 2018 Security Available for: Apple TV 4K and Apple TV (4th generation) Impact: An attacker may be able to exploit weaknesses in the RC4 cryptographic algorithm Description: This issue was addressed by removing RC4. CVE-2016-1777: Pepi Zawodsky Symptom Framework Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2018-4203: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative Entry added October 30, 2018 Text Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted text file may lead to a denial of service Description: A denial of service issue was addressed with improved validation. CVE-2018-4304: jianan.huang (@Sevck) Entry added October 30, 2018 WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2018-4316: crixer, Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4299: Samuel GroI2 (saelo) working with Trend Micro's Zero Day Initiative CVE-2018-4323: Ivan Fratric of Google Project Zero CVE-2018-4328: Ivan Fratric of Google Project Zero CVE-2018-4358: @phoenhex team (@bkth_ @5aelo @_niklasb) working with Trend Micro's Zero Day Initiative CVE-2018-4359: Samuel GroA (@5aelo) CVE-2018-4360: William Bowling (@wcbowling) Entry added October 30, 2018 WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2018-4345: an anonymous researcher WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Unexpected interaction causes an ASSERT failure Description: A memory corruption issue was addressed with improved validation. CVE-2018-4191: found by OSS-Fuzz WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious website may be able to execute scripts in the context of another website Description: A cross-site scripting issue existed in Safari. CVE-2018-4309: an anonymous researcher working with Trend Micro's Zero Day Initiative WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Unexpected interaction causes an ASSERT failure Description: A memory consumption issue was addressed with improved memory handling. CVE-2018-4361: found by OSS-Fuzz Additional recognition Assets We would like to acknowledge Brandon Azad for their assistance. Core Data We would like to acknowledge Andreas Kurtz (@aykay) of NESO Security Labs GmbH for their assistance. Kernel We would like to acknowledge Brandon Azad for their assistance. SQLite We would like to acknowledge Andreas Kurtz (@aykay) of NESO Security Labs GmbH for their assistance. WebKit We would like to acknowledge Cary Hartline, Hanming Zhang from 360 Vuclan team, and Zach Malone of CA Technologies for their assistance. Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HjHg/+ Lp4/41SoCVfRStv+eO69W8FCdq8K6+2n60F/pYwb7GlmF5H/Unon0k3PXdDyI/5V ZkaawvnThzMKS9k2kTb7wgnc8PSB8Ax4HGXBB5puo63L3dPk4fNeNNGOMynZaoKO i5MzFxji0nldu/Sgyv/zrdM2MKE2MAVGi2O5YH37PirPK84G4STxw7IFtrSEFGBN QiHbap8Bdjjny7Y1zSIk6CClU6YLpC0E1u8Y6KpmjHn/z4dfKFm9A+CkVuwxymDX RllmAWdDHU5/u93ZFdfEvnu8lFU4kxW4y0R6IJRjRHoouPI2eI5dwIGzxIv1CPea 1qN6QtRFfv9/JQyWotLFFUEDXrOIed9cVosqmJfUulQkq5a5UqcOWCW/HuQYOn9Y qd9EPPRS+lzlBQgFF/MBV1dxsp7WdZXPGnkiskzLMEt3CdOmvu2qx1Lc+6ErJZeI NX8n/CFc16aOS2ltsxx8hX1RWKQ+uZ4Fe4sDOry94wziTPfmAJ0HxR4cTf/KRWuF DuvZkpYyvGrGQmDB1FBWIIA3TP6zfhNtP6hIo5tLgnZb2HDHYcxO76nPKpGEiLiA KizL2ExA3Y5ePf4ZKVx4IGqZqhx0sYebHWgXBABu4MjpL7z4A26q05OVAJZf/icr ssYDTWsZCZr/yz9LEyNJiCWPwqpaAA2VQkMfW3nW/v0= =6KHo -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-3781-1 October 03, 2018 webkit2gtk vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: Several security issues were fixed in WebKitGTK+. Software Description: - webkit2gtk: Web content engine library for GTK+ Details: A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: libjavascriptcoregtk-4.0-18 2.22.2-0ubuntu0.18.04.1 libwebkit2gtk-4.0-37 2.22.2-0ubuntu0.18.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK+, such as Epiphany, to make all the necessary changes. References: https://usn.ubuntu.com/usn/usn-3781-1 CVE-2018-4191, CVE-2018-4197, CVE-2018-4207, CVE-2018-4208, CVE-2018-4209, CVE-2018-4210, CVE-2018-4212, CVE-2018-4213, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4311, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4358, CVE-2018-4359, CVE-2018-4361 Package Information: https://launchpad.net/ubuntu/+source/webkit2gtk/2.22.2-0ubuntu0.18.04.1 . CVE-2018-4329: Hugo S. Installation note: Safari 12 may be obtained from the Mac App Store. ----------------------------------------------------------------------- WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0007 ------------------------------------------------------------------------ Date reported : September 26, 2018 Advisory ID : WSA-2018-0007 WebKitGTK+ Advisory URL : https://webkitgtk.org/security/WSA-2018-0007.html WPE WebKit Advisory URL : https://wpewebkit.org/security/WSA-2018-0007.html CVE identifiers : CVE-2018-4207, CVE-2018-4208, CVE-2018-4209, CVE-2018-4210, CVE-2018-4212, CVE-2018-4213, CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4311, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4358, CVE-2018-4359, CVE-2018-4361. Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit. CVE-2018-4207 Versions affected: WebKitGTK+ before 2.20.0. Credit to Google OSS-Fuzz. Unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. CVE-2018-4208 Versions affected: WebKitGTK+ before 2.20.0. Credit to Google OSS-Fuzz. Unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. CVE-2018-4209 Versions affected: WebKitGTK+ before 2.20.0. Credit to Google OSS-Fuzz. Unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. CVE-2018-4210 Versions affected: WebKitGTK+ before 2.20.0. Credit to Google OSS-Fuzz. Unexpected interaction with indexing types caused a failure. An array indexing issue existed in the handling of a function in JavaScriptCore. This issue was addressed with improved checks. CVE-2018-4212 Versions affected: WebKitGTK+ before 2.20.0. Credit to Google OSS-Fuzz. Unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. CVE-2018-4213 Versions affected: WebKitGTK+ before 2.20.0. Credit to Google OSS-Fuzz. Unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks. CVE-2018-4191 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Google OSS-Fuzz. Unexpected interaction causes an ASSERT failure. CVE-2018-4197 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4299 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Samuel GroI2 (saelo) working with Trend Micro's Zero Day Initiative. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4306 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4309 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to an anonymous researcher working with Trend Micro's Zero Day Initiative. A malicious website may be able to execute scripts in the context of another website. A cross-site scripting issue existed in WebKit. This issue was addressed with improved URL validation. CVE-2018-4311 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Erling Alf Ellingsen (@steike). Cross-origin SecurityErrors includes the accessed frameas origin. The issue was addressed by removing origin information. CVE-2018-4312 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4314 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4315 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4316 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to crixer, Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4317 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4318 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4319 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to John Pettitt of Google. A malicious website may cause unexepected cross-origin behavior. A cross-origin issue existed with iframe elements. This was addressed with improved tracking of security origins. CVE-2018-4323 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4328 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Ivan Fratric of Google Project Zero. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4358 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to @phoenhex team (@bkth_ @5aelo @_niklasb) working with Trend Micro's Zero Day Initiative. Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4359 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Samuel GroA (@5aelo). Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2018-4361 Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0. Credit to Google OSS-Fuzz. Unexpected interaction causes an ASSERT failure. We recommend updating to the latest stable versions of WebKitGTK+ and WPE WebKit. It is the best way to ensure that you are running safe versions of WebKit. Please check our websites for information about the latest stable releases. Further information about WebKitGTK+ and WPE WebKit security advisories can be found at: https://webkitgtk.org/security.html or https://wpewebkit.org/security/. The WebKitGTK+ and WPE WebKit team, September 26, 2018

Trust: 3.24

sources: NVD: CVE-2018-4328 // JVNDB: JVNDB-2018-014885 // JVNDB: JVNDB-2018-008148 // VULHUB: VHN-134359 // VULMON: CVE-2018-4328 // PACKETSTORM: 150119 // PACKETSTORM: 150115 // PACKETSTORM: 149655 // PACKETSTORM: 149516 // PACKETSTORM: 150114 // PACKETSTORM: 149513 // PACKETSTORM: 149605 // PACKETSTORM: 149722

AFFECTED PRODUCTS

vendor:	apple	model:	safari	scope:	lt	version:	12	Trust: 1.0
vendor:	apple	model:	icloud	scope:	lt	version:	7.7	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	12.0	Trust: 1.0
vendor:	apple	model:	itunes	scope:	lt	version:	12.9	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lt	version:	12	Trust: 1.0
vendor:	apple	model:	icloud	scope:	lt	version:	for windows 7.7 (windows 7 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	12 (ipad air or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	12 (iphone 5s or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	12 (ipod touch first 6 generation )	Trust: 0.8
vendor:	apple	model:	itunes	scope:	lt	version:	for windows 12.9 (windows 7 or later )	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	12 (macos high sierra 10.13.6)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	12 (macos mojave 10.14)	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	12 (macos sierra 10.12.6)	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	12 (apple tv 4k)	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	12 (apple tv first 4 generation )	Trust: 0.8
vendor:	apple	model:	icloud	scope:	lt	version:	7.7 earlier	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	12.0.1 earlier	Trust: 0.8

sources: JVNDB: JVNDB-2018-014885 // JVNDB: JVNDB-2018-008148 // NVD: CVE-2018-4328

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-4328
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-4328
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201809-1159
value:	HIGH
Trust: 0.6
VULHUB:	VHN-134359
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2018-4328
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-4328
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-134359
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-4328
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-134359 // VULMON: CVE-2018-4328 // JVNDB: JVNDB-2018-014885 // CNNVD: CNNVD-201809-1159 // NVD: CVE-2018-4328

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-134359 // JVNDB: JVNDB-2018-014885 // NVD: CVE-2018-4328

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 149655 // CNNVD: CNNVD-201809-1159

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201809-1159

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-014885

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-134359 // VULMON: CVE-2018-4328

PATCH

title:	HT209141	url:	https://support.apple.com/en-us/HT209141	Trust: 1.6
title:	HT209106	url:	https://support.apple.com/en-us/HT209106	Trust: 0.8
title:	HT209107	url:	https://support.apple.com/en-us/HT209107	Trust: 0.8
title:	HT209109	url:	https://support.apple.com/en-us/HT209109	Trust: 0.8
title:	HT209140	url:	https://support.apple.com/en-us/HT209140	Trust: 0.8
title:	HT209106	url:	https://support.apple.com/ja-jp/HT209106	Trust: 0.8
title:	HT209107	url:	https://support.apple.com/ja-jp/HT209107	Trust: 0.8
title:	HT209109	url:	https://support.apple.com/ja-jp/HT209109	Trust: 0.8
title:	HT209140	url:	https://support.apple.com/ja-jp/HT209140	Trust: 0.8
title:	HT209141	url:	https://support.apple.com/ja-jp/HT209141	Trust: 0.8
title:	About the security content of iOS 12.0.1	url:	https://support.apple.com/en-us/HT209162	Trust: 0.8
title:	Multiple Apple product WebKit Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85193	Trust: 0.6
title:	Ubuntu Security Notice: webkit2gtk vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3781-1	Trust: 0.1
title:	domato	url:	https://github.com/googleprojectzero/domato	Trust: 0.1
title:	BleepingComputer	url:	https://www.bleepingcomputer.com/news/security/apple-releases-security-updates-for-ios-and-icloud-fixes-passcode-bypass/	Trust: 0.1

sources: VULMON: CVE-2018-4328 // JVNDB: JVNDB-2018-014885 // JVNDB: JVNDB-2018-008148 // CNNVD: CNNVD-201809-1159

EXTERNAL IDS

db:	NVD	id:	CVE-2018-4328	Trust: 3.4
db:	JVN	id:	JVNVU92800088	Trust: 1.6
db:	JVN	id:	JVNVU93341447	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-014885	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-008148	Trust: 0.8
db:	CNNVD	id:	CNNVD-201809-1159	Trust: 0.7
db:	EXPLOIT-DB	id:	45483	Trust: 0.2
db:	PACKETSTORM	id:	149555	Trust: 0.1
db:	VULHUB	id:	VHN-134359	Trust: 0.1
db:	VULMON	id:	CVE-2018-4328	Trust: 0.1
db:	PACKETSTORM	id:	150119	Trust: 0.1
db:	PACKETSTORM	id:	150115	Trust: 0.1
db:	PACKETSTORM	id:	149655	Trust: 0.1
db:	PACKETSTORM	id:	149516	Trust: 0.1
db:	PACKETSTORM	id:	150114	Trust: 0.1
db:	PACKETSTORM	id:	149513	Trust: 0.1
db:	PACKETSTORM	id:	149605	Trust: 0.1
db:	PACKETSTORM	id:	149722	Trust: 0.1

sources: VULHUB: VHN-134359 // VULMON: CVE-2018-4328 // JVNDB: JVNDB-2018-014885 // JVNDB: JVNDB-2018-008148 // PACKETSTORM: 150119 // PACKETSTORM: 150115 // PACKETSTORM: 149655 // PACKETSTORM: 149516 // PACKETSTORM: 150114 // PACKETSTORM: 149513 // PACKETSTORM: 149605 // PACKETSTORM: 149722 // CNNVD: CNNVD-201809-1159 // NVD: CVE-2018-4328

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2018-4328	Trust: 2.2
url:	https://support.apple.com/kb/ht209106	Trust: 1.8
url:	https://support.apple.com/kb/ht209107	Trust: 1.8
url:	https://support.apple.com/kb/ht209109	Trust: 1.8
url:	https://support.apple.com/kb/ht209140	Trust: 1.8
url:	https://support.apple.com/kb/ht209141	Trust: 1.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4328	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu93341447/index.html	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu92800088/index.html	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu92800088	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4191	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4317	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4312	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4299	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4323	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4318	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4309	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4315	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4197	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4316	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4306	Trust: 0.7
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4314	Trust: 0.7
url:	https://support.apple.com/kb/ht201222	Trust: 0.6
url:	https://www.apple.com/support/security/pgp/	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4361	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4359	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4358	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4319	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4311	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4345	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4126	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4360	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4336	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4305	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4344	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4313	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1777	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4321	Trust: 0.2
url:	https://support.apple.com/ht204283	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4412	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4414	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4347	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4209	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.exploit-db.com/exploits/45483/	Trust: 0.1
url:	https://usn.ubuntu.com/3781-1/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4203	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4332	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4343	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4340	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4304	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4331	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4341	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4337	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/webkit2gtk/2.22.2-0ubuntu0.18.04.1	Trust: 0.1
url:	https://usn.ubuntu.com/usn/usn-3781-1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5383	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4363	Trust: 0.1
url:	https://www.apple.com/itunes/download/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4307	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4195	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4329	Trust: 0.1
url:	https://www.tencent.com)	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4208	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4213	Trust: 0.1
url:	https://wpewebkit.org/security/.	Trust: 0.1
url:	https://wpewebkit.org/security/wsa-2018-0007.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4212	Trust: 0.1
url:	https://webkitgtk.org/security.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4210	Trust: 0.1
url:	https://webkitgtk.org/security/wsa-2018-0007.html	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4207	Trust: 0.1

CREDITS

Apple

Trust: 0.6

sources: PACKETSTORM: 150119 // PACKETSTORM: 150115 // PACKETSTORM: 149516 // PACKETSTORM: 150114 // PACKETSTORM: 149513 // PACKETSTORM: 149722

SOURCES

db:	VULHUB	id:	VHN-134359
db:	VULMON	id:	CVE-2018-4328
db:	JVNDB	id:	JVNDB-2018-014885
db:	JVNDB	id:	JVNDB-2018-008148
db:	PACKETSTORM	id:	150119
db:	PACKETSTORM	id:	150115
db:	PACKETSTORM	id:	149655
db:	PACKETSTORM	id:	149516
db:	PACKETSTORM	id:	150114
db:	PACKETSTORM	id:	149513
db:	PACKETSTORM	id:	149605
db:	PACKETSTORM	id:	149722
db:	CNNVD	id:	CNNVD-201809-1159
db:	NVD	id:	CVE-2018-4328

LAST UPDATE DATE

2025-05-04T23:04:59.211000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-134359	date:	2019-04-04T00:00:00
db:	VULMON	id:	CVE-2018-4328	date:	2019-04-04T00:00:00
db:	JVNDB	id:	JVNDB-2018-014885	date:	2019-04-17T00:00:00
db:	JVNDB	id:	JVNDB-2018-008148	date:	2018-10-10T00:00:00
db:	CNNVD	id:	CNNVD-201809-1159	date:	2019-04-08T00:00:00
db:	NVD	id:	CVE-2018-4328	date:	2024-11-21T04:07:12.193

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-134359	date:	2019-04-03T00:00:00
db:	VULMON	id:	CVE-2018-4328	date:	2019-04-03T00:00:00
db:	JVNDB	id:	JVNDB-2018-014885	date:	2019-04-17T00:00:00
db:	JVNDB	id:	JVNDB-2018-008148	date:	2018-10-10T00:00:00
db:	PACKETSTORM	id:	150119	date:	2018-10-31T16:17:40
db:	PACKETSTORM	id:	150115	date:	2018-10-31T16:10:39
db:	PACKETSTORM	id:	149655	date:	2018-10-03T15:17:11
db:	PACKETSTORM	id:	149516	date:	2018-09-25T16:32:23
db:	PACKETSTORM	id:	150114	date:	2018-10-31T16:10:29
db:	PACKETSTORM	id:	149513	date:	2018-09-25T16:25:47
db:	PACKETSTORM	id:	149605	date:	2018-10-01T17:13:20
db:	PACKETSTORM	id:	149722	date:	2018-10-09T16:58:43
db:	CNNVD	id:	CNNVD-201809-1159	date:	2018-09-27T00:00:00
db:	NVD	id:	CVE-2018-4328	date:	2019-04-03T18:29:08.063