Details of VAR-201904-1453

ID

VAR-201904-1453

CVE

CVE-2018-4401

TITLE

plural Apple Updates to product vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2018-008908

DESCRIPTION

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple macOS Mojave is a dedicated operating system developed for Mac computers. IOUserEthernet is one of the Ethernet components. A buffer error vulnerability exists in the IOUserEthernet component in several Apple products. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2018-10-30-10 Additional information for APPLE-SA-2018-9-24-5 watchOS 5 watchOS 5 addresses the following: CFNetwork Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4126: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative Entry added October 30, 2018 CoreFoundation Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4412: The UK's National Cyber Security Centre (NCSC) Entry added October 30, 2018 CoreFoundation Available for: Apple Watch Series 1 and later Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4414: The UK's National Cyber Security Centre (NCSC) Entry added October 30, 2018 CoreText Available for: Apple Watch Series 1 and later Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2018-4347: an anonymous researcher Entry added October 30, 2018 Grand Central Dispatch Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4426: Brandon Azad Entry added October 30, 2018 Heimdal Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4331: Brandon Azad CVE-2018-4332: Brandon Azad CVE-2018-4343: Brandon Azad Entry added October 30, 2018 IOHIDFamily Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation CVE-2018-4408: Ian Beer of Google Project Zero Entry added October 30, 2018 IOKit Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to break out of its sandbox Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4341: Ian Beer of Google Project Zero CVE-2018-4354: Ian Beer of Google Project Zero Entry added October 30, 2018 IOKit Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2018-4383: Apple Entry added October 30, 2018 IOUserEthernet Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4401: Apple Entry added October 30, 2018 iTunes Store Available for: Apple Watch Series 1 and later Impact: An attacker in a privileged network position may be able to spoof password prompts in the iTunes Store Description: An input validation issue was addressed with improved input validation. CVE-2018-4305: Jerry Decime Kernel Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to leak sensitive user information Description: An access issue existed with privileged API calls. This issue was addressed with additional restrictions. CVE-2018-4399: Fabiano Anemone (@anoane) Entry added October 30, 2018 Kernel Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4336: Brandon Azad CVE-2018-4337: Ian Beer of Google Project Zero CVE-2018-4340: Mohamed Ghannam (@_simo36) CVE-2018-4344: The UK's National Cyber Security Centre (NCSC) CVE-2018-4425: cc working with Trend Micro's Zero Day Initiative, Juwei Lin (@panicaII) of Trend Micro working with Trend Micro's Zero Day Initiative Entry added October 30, 2018 Kernel Available for: Apple Watch Series 1 and later Impact: An application may be able to read restricted memory Description: An input validation issue existed in the kernel. CVE-2018-4363: Ian Beer of Google Project Zero Kernel Available for: Apple Watch Series 1 and later Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: A memory corruption issue was addressed with improved validation. CVE-2018-4407: Kevin Backhouse of Semmle Ltd. Entry added October 30, 2018 Safari Available for: Apple Watch Series 1 and later Impact: A local user may be able to discover websites a user has visited Description: A consistency issue existed in the handling of application snapshots. CVE-2018-4313: 11 anonymous researchers, David Scott, Enes Mert Ulu of Abdullah MA1/4rAide AzA1/4nenek Anadolu Lisesi - Ankara/TA1/4rkiye, Mehmet Ferit DaAtan of Van YA1/4zA1/4ncA1/4 YA+-l University, Metin Altug Karakaya of Kaliptus Medical Organization, Vinodh Swami of Western Governor's University (WGU) Security Available for: Apple Watch Series 1 and later Impact: A local user may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2018-4395: Patrick Wardle of Digita Security Entry added October 30, 2018 Security Available for: Apple Watch Series 1 and later Impact: An attacker may be able to exploit weaknesses in the RC4 cryptographic algorithm Description: This issue was addressed by removing RC4. CVE-2016-1777: Pepi Zawodsky Symptom Framework Available for: Apple Watch Series 1 and later Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2018-4203: Bruno Keith (@bkth_) working with Trend Micro's Zero Day Initiative Entry added October 30, 2018 Text Available for: Apple Watch Series 1 and later Impact: Processing a maliciously crafted text file may lead to a denial of service Description: A denial of service issue was addressed with improved validation. CVE-2018-4304: jianan.huang (@Sevck) Entry added October 30, 2018 WebKit Available for: Apple Watch Series 1 and later Impact: Unexpected interaction causes an ASSERT failure Description: A memory corruption issue was addressed with improved validation. CVE-2018-4191: found by OSS-Fuzz WebKit Available for: Apple Watch Series 1 and later Impact: Cross-origin SecurityErrors includes the accessed frame's origin Description: The issue was addressed by removing origin information. CVE-2018-4311: Erling Alf Ellingsen (@steike) WebKit Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4299: Samuel GroI2 (saelo) working with Trend Micro's Zero Day Initiative CVE-2018-4358: @phoenhex team (@bkth_ @5aelo @_niklasb) working with Trend Micro's Zero Day Initiative CVE-2018-4359: Samuel GroA (@5aelo) WebKit Available for: Apple Watch Series 1 and later Impact: A malicious website may cause unexepected cross-origin behavior Description: A cross-origin issue existed with "iframe" elements. CVE-2018-4319: John Pettitt of Google WebKit Available for: Apple Watch Series 1 and later Impact: Unexpected interaction causes an ASSERT failure Description: A memory consumption issue was addressed with improved memory handling. CVE-2018-4361: found by OSS-Fuzz Additional recognition Core Data We would like to acknowledge Andreas Kurtz (@aykay) of NESO Security Labs GmbH for their assistance. Kernel We would like to acknowledge Brandon Azad for their assistance. Sandbox Profiles We would like to acknowledge Tencent Keen Security Lab working with Trend Micro's Zero Day Initiative for their assistance. SQLite We would like to acknowledge Andreas Kurtz (@aykay) of NESO Security Labs GmbH for their assistance. WebKit We would like to acknowledge Tencent Keen Security Lab working with Trend Micro's Zero Day Initiative for their assistance. Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3GbihAA rJrGRlOECVnj/z6kzobQ6SjqeXQanrEJKOEbP12pOEgOcqhJd/CsRIGMGxtG8cRC H60/qGsVtDXhqmGZQl2cBaMeg+bagLvSaRUC6urXqYLIKoGay7zsbQyWS4hAbyNu Gpu0k5bvb2tr3IZIfqHfUcScxpsB3zJiYejtgLow2MDbkt84qNqx73xYbOIXDJoc kfyNhb/RKqiXOi5Yvh+E84GARjUSGUFD5fMbIMu7Lf0cwGpL3XakKG8S+8L0W3/W vGsl7V8DWeH6qbVoMkLUxWGxWzCd4bUr88J0cybski3L4SvpYbDPMMKxQkyn4Rfq qSDG3RMS0MUeoGn/iwRcJ8p6gPMGjWTT+lvX0XaZzG3b/mkOw8C2jRs1Ds8vUbRB Pxn1AQvg0x+EW/HIKqrvbE6i5pLjhurHYChy9tI9AS2iSHsAnrSB8DV8mc4T4v6a zJqJO5qPPCVJ9K328l+FyXe+X5erQP4/dwol71VjweA/peSJCL34/YL3oSs9e41R ApabYVIphnq0Ion5gVNancPhgQEbkIjMncFiGRg4wF0jly2Ni+NsnDquTKEM3VvG mOlo0VVw3XxLhtiQF/RKbQSy+6dK0YGykIsmnz/DsstxS4xRiWbk75XErA/nSwPs fHAicxI2AmpI+PbdYcPI4D3eJr/1ZDH8NvY1897WX5c= =fz+z -----END PGP SIGNATURE-----

Trust: 3.33

sources: NVD: CVE-2018-4401 // JVNDB: JVNDB-2018-008908 // JVNDB: JVNDB-2018-014954 // JVNDB: JVNDB-2018-007762 // VULHUB: VHN-134432 // VULMON: CVE-2018-4401 // PACKETSTORM: 150113

AFFECTED PRODUCTS

vendor:	apple	model:	watchos	scope:	lt	version:	5.0	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	12.0	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lt	version:	12	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lt	version:	10.14	Trust: 1.0
vendor:	apple	model:	icloud	scope:	lt	version:	for windows 7.8 earlier	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	12.1 earlier	Trust: 0.8
vendor:	apple	model:	itunes	scope:	lt	version:	12.9.1 earlier	Trust: 0.8
vendor:	apple	model:	macos high sierra	scope:	eq	version:	(security update 2018-001 not applied )	Trust: 0.8
vendor:	apple	model:	macos mojave	scope:	lt	version:	10.14.1 earlier	Trust: 0.8
vendor:	apple	model:	macos sierra	scope:	eq	version:	(security update 2018-005 not applied )	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	12.0.1 earlier	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	12.1 earlier	Trust: 0.8
vendor:	apple	model:	watchos	scope:	lt	version:	5.1 earlier	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.12.6	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.13.6	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	10.14	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	12 (ipad air or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	12 (iphone 5s or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	12 (ipod touch first 6 generation )	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	12 (apple tv 4k)	Trust: 0.8
vendor:	apple	model:	tvos	scope:	lt	version:	12 (apple tv first 4 generation )	Trust: 0.8
vendor:	apple	model:	watchos	scope:	lt	version:	5 (apple watch series 1 or later )	Trust: 0.8
vendor:	apple	model:	macos mojave	scope:	lt	version:	10.14 earlier	Trust: 0.8

sources: JVNDB: JVNDB-2018-008908 // JVNDB: JVNDB-2018-014954 // JVNDB: JVNDB-2018-007762 // NVD: CVE-2018-4401

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-4401
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-4401
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201810-1506
value:	HIGH
Trust: 0.6
VULHUB:	VHN-134432
value:	HIGH
Trust: 0.1
VULMON:	CVE-2018-4401
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-4401
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-134432
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-4401
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-134432 // VULMON: CVE-2018-4401 // JVNDB: JVNDB-2018-014954 // CNNVD: CNNVD-201810-1506 // NVD: CVE-2018-4401

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-134432 // JVNDB: JVNDB-2018-014954 // NVD: CVE-2018-4401

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201810-1506

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201810-1506

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-008908

PATCH

title:	About the security content of macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra	url:	https://support.apple.com/en-us/HT209193	Trust: 1.6
title:	HT209139	url:	https://support.apple.com/en-us/HT209139	Trust: 1.6
title:	About the security content of iTunes 12.9.1	url:	https://support.apple.com/en-us/HT209197	Trust: 0.8
title:	About the security content of iCloud for Windows 7.8	url:	https://support.apple.com/en-us/HT209198	Trust: 0.8
title:	About the security content of Safari 12.0.1	url:	https://support.apple.com/en-us/HT209196	Trust: 0.8
title:	About the security content of tvOS 12.1	url:	https://support.apple.com/en-us/HT209194	Trust: 0.8
title:	About the security content of iOS 12.1	url:	https://support.apple.com/en-us/HT209192	Trust: 0.8
title:	About the security content of watchOS 5.1	url:	https://support.apple.com/en-us/HT209195	Trust: 0.8
title:	HT209106	url:	https://support.apple.com/en-us/HT209106	Trust: 0.8
title:	HT209107	url:	https://support.apple.com/en-us/HT209107	Trust: 0.8
title:	HT209108	url:	https://support.apple.com/en-us/HT209108	Trust: 0.8
title:	HT209106	url:	https://support.apple.com/ja-jp/HT209106	Trust: 0.8
title:	HT209107	url:	https://support.apple.com/ja-jp/HT209107	Trust: 0.8
title:	HT209108	url:	https://support.apple.com/ja-jp/HT209108	Trust: 0.8
title:	HT209139	url:	https://support.apple.com/ja-jp/HT209139	Trust: 0.8
title:	HT209193	url:	https://support.apple.com/ja-jp/HT209193	Trust: 0.8
title:	Apple macOS IOUserEthernet Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86484	Trust: 0.6

sources: JVNDB: JVNDB-2018-008908 // JVNDB: JVNDB-2018-014954 // JVNDB: JVNDB-2018-007762 // CNNVD: CNNVD-201810-1506

EXTERNAL IDS

db:	NVD	id:	CVE-2018-4401	Trust: 2.7
db:	JVN	id:	JVNVU96365720	Trust: 1.6
db:	JVN	id:	JVNVU99356481	Trust: 1.6
db:	JVNDB	id:	JVNDB-2018-008908	Trust: 0.8
db:	JVN	id:	JVNVU93341447	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-014954	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-007762	Trust: 0.8
db:	CNNVD	id:	CNNVD-201810-1506	Trust: 0.7
db:	VULHUB	id:	VHN-134432	Trust: 0.1
db:	VULMON	id:	CVE-2018-4401	Trust: 0.1
db:	PACKETSTORM	id:	150113	Trust: 0.1

sources: VULHUB: VHN-134432 // VULMON: CVE-2018-4401 // JVNDB: JVNDB-2018-008908 // JVNDB: JVNDB-2018-014954 // JVNDB: JVNDB-2018-007762 // PACKETSTORM: 150113 // CNNVD: CNNVD-201810-1506 // NVD: CVE-2018-4401

REFERENCES

url:	https://support.apple.com/kb/ht209106	Trust: 1.8
url:	https://support.apple.com/kb/ht209107	Trust: 1.8
url:	https://support.apple.com/kb/ht209108	Trust: 1.8
url:	https://support.apple.com/kb/ht209139	Trust: 1.8
url:	https://support.apple.com/kb/ht209193	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4401	Trust: 1.5
url:	https://jvn.jp/vu/jvnvu96365720/	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4401	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu96365720/index.html	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu93341447/index.html	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu99356481/index.html	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu99356481/	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://seclists.org/fulldisclosure/2018/nov/15	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4319	Trust: 0.1
url:	https://support.apple.com/kb/ht204641	Trust: 0.1
url:	https://support.apple.com/kb/ht201222	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4203	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4336	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4305	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4191	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4344	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4332	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4361	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4383	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4311	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4343	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4340	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4304	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4126	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4359	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4354	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4399	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4358	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4395	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4331	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4313	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2016-1777	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4341	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4299	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4347	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4337	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-4363	Trust: 0.1

CREDITS

Apple

Trust: 0.1

sources: PACKETSTORM: 150113

SOURCES

db:	VULHUB	id:	VHN-134432
db:	VULMON	id:	CVE-2018-4401
db:	JVNDB	id:	JVNDB-2018-008908
db:	JVNDB	id:	JVNDB-2018-014954
db:	JVNDB	id:	JVNDB-2018-007762
db:	PACKETSTORM	id:	150113
db:	CNNVD	id:	CNNVD-201810-1506
db:	NVD	id:	CVE-2018-4401

LAST UPDATE DATE

2024-11-23T20:34:20.193000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-134432	date:	2019-04-05T00:00:00
db:	VULMON	id:	CVE-2018-4401	date:	2019-04-05T00:00:00
db:	JVNDB	id:	JVNDB-2018-008908	date:	2018-11-01T00:00:00
db:	JVNDB	id:	JVNDB-2018-014954	date:	2019-04-18T00:00:00
db:	JVNDB	id:	JVNDB-2018-007762	date:	2018-09-26T00:00:00
db:	CNNVD	id:	CNNVD-201810-1506	date:	2019-04-09T00:00:00
db:	NVD	id:	CVE-2018-4401	date:	2024-11-21T04:07:20.583

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-134432	date:	2019-04-03T00:00:00
db:	VULMON	id:	CVE-2018-4401	date:	2019-04-03T00:00:00
db:	JVNDB	id:	JVNDB-2018-008908	date:	2018-11-01T00:00:00
db:	JVNDB	id:	JVNDB-2018-014954	date:	2019-04-18T00:00:00
db:	JVNDB	id:	JVNDB-2018-007762	date:	2018-09-26T00:00:00
db:	PACKETSTORM	id:	150113	date:	2018-10-31T16:10:19
db:	CNNVD	id:	CNNVD-201810-1506	date:	2018-10-31T00:00:00
db:	NVD	id:	CVE-2018-4401	date:	2019-04-03T18:29:13.393