VARIoT IoT vulnerabilities database
| VAR-201810-0131 | CVE-2018-15707 |
Advantech WebAccess Bwmainleft.asp Page Cross-Site Scripting Vulnerability
Related entries in the VARIoT exploits database: VAR-E-201811-0024 |
CVSS V2: 3.5 CVSS V3: 5.4 Severity: MEDIUM |
Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site scripting in the Bwmainleft.asp page. An attacker could leverage this vulnerability to disclose credentials amongst other things. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment
| VAR-201810-0130 | CVE-2018-15706 | Advantech WebAccess WADashboard API 'readFile' Method Path Traversal Vulnerability |
CVSS V2: 6.8 CVSS V3: 6.5 Severity: MEDIUM |
WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API. Advantech WebAccess Contains a path traversal vulnerability.Information may be obtained. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. The WADashboard API is one of the dashboard API components. A path traversal vulnerability exists in the \342\200\230readFile\342\200\231 method of the WADashboard API in Advantech WebAccess versions 8.3.1 and 8.3.2
| VAR-201810-0129 | CVE-2018-15705 |
Advantech WebAccess WADashboard API Path traversal vulnerability
Related entries in the VARIoT exploits database: VAR-E-201811-0024 |
CVSS V2: 8.5 CVSS V3: 6.5 Severity: MEDIUM |
WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrary code. Advantech WebAccess Contains a path traversal vulnerability.Information may be tampered with. Advantech WebAccess is a suite of browser-based HMI/SCADA software from Advantech. The software supports dynamic graphical display and real-time data control, and provides the ability to remotely control and manage automation equipment. The WADashboard API is one of the dashboard API components. A path traversal vulnerability exists in the \342\200\230writeFile\342\200\231 method of the WADashboard API in Advantech WebAccess versions 8.3.1 and 8.3.2
| VAR-201904-1480 | CVE-2018-4367 | plural Apple Updates to product vulnerabilities |
CVSS V2: 7.5 CVSS V3: 9.8 Severity: CRITICAL |
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. FaceTime is one of those video calling software. A buffer error vulnerability exists in the FaceTime component of Apple's iOS prior to 12.1. A remote attacker could exploit this vulnerability to execute arbitrary code (memory corruption). -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-10-30-1 iOS 12.1
iOS 12.1 is now available and addresses the following:
AppleAVD
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing malicious video via FaceTime may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2018-4365: an anonymous researcher
CoreCrypto
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality test to incorrectly identify prime numbers
Description: An issue existed in the method for determining prime
numbers. This issue was addressed by using pseudorandom bases for
testing of primes.
CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of
Royal Holloway, University of London, and Juraj Somorovsky of Ruhr
University, Bochum
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to leak memory
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4366: Natalie Silvanovich of Google Project Zero
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4367: Natalie Silvanovich of Google Project Zero
Graphics Driver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
ICU
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4394: an anonymous researcher
IOHIDFamily
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4427: Pangu Team
IPSec
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2018-4420: Mohamed Ghannam (@_simo36)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security
Team
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4419: Mohamed Ghannam (@_simo36)
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
NetworkExtension
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Connecting to a VPN server may leak DNS queries to a DNS
proxy
Description: A logic issue was addressed with improved state
management.
CVE-2018-4369: an anonymous researcher
Notes
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to share items from the lock
screen
Description: A lock screen issue allowed access to the share function
on a locked device. This issue was addressed by restricting options
offered on a locked device.
CVE-2018-4388: videosdebarraquito
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A logic issue was addressed with improved validation.
CVE-2018-4374: Ryan Pickren (ryanpickren.com)
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A cross-site scripting issue existed in Safari.
CVE-2018-4377: Ryan Pickren (ryanpickren.com)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted S/MIME signed message may
lead to a denial of service
Description: A validation issue was addressed with improved logic.
CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd.
VoiceOver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to view photos from the lock
screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device.
CVE-2018-4387: videosdebarraquito
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2018-4385: an anonymous researcher
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4372: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST
Softsec Lab, Korea
CVE-2018-4373: ngg, alippai, DirtYiCE, KT of Tresorit working with
Trend Micro's Zero Day Initiative
CVE-2018-4375: Yu Haiwan and Wu Hongjun From Nanyang Technological
University working with Trend Micro's Zero Day Initiative
CVE-2018-4376: 010 working with Trend Micro's Zero Day Initiative
CVE-2018-4382: lokihardt of Google Project Zero
CVE-2018-4386: lokihardt of Google Project Zero
CVE-2018-4392: zhunki of 360 ESG Codesafe Team
CVE-2018-4416: lokihardt of Google Project Zero
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe
Team
WiFi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile
Networking Lab at Technische UniversitA$?t Darmstadt
Additional recognition
Certificate Signing
We would like to acknowledge YiAit Can YILMAZ (@yilmazcanyigit) for
their assistance.
CommonCrypto
We would like to acknowledge an anonymous researcher for their
assistance.
iBooks
We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool
ICT for their assistance.
Security
We would like to acknowledge Marinos Bernitsas of Parachute for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HpTw/7
Bkh9bUEddgGUejpnjO1DRiBlHUDQMssF7nG2LM5JOcCDoLkeHSdcr86KnR7VEyYp
qSllLijO9ZzrLtJuZSEelDCi+eL1Ojk3kP/6ZeMRIxDkYItR7EFWQUK71wcInk5k
qPZp2FnKU3qx0Ax7wzQi3GTQk8CZCVWcuCzh0UA0Nc3rgk0bf29+7AKmgiTaT2Ra
Yo4bRIXRuyi+jE39hN4x41vwjSbaxr5EZb9rvL5HT6Idipcoc9aS+sDbsscXjz/5
9WHlwAB5mxeqO3vY5WNlLhOUXXqMVRfPC/qxQocl86r2AE9jJedQFl/p9qpG59we
FrAejzKTU+1GpI4dGY6puAJval5DlcedWBxsyBxFAT04HdY0pfgF4zpFDTHRj6no
HnEvtF+pNgqX2OTTLCXtMG4r5c7b1yrOPYkM6FS+BjLV2H0X9n3PpvX0qvAqSTn3
RGbkJqHFV4G/DwsWUQQOOXNCthEwhzbT2n7mc+rCtN1WPUu99fGGZusMAqetmVvl
hgUIVPp9+ZHs64BlTzD+xu8e6jyoJ8YoPD9a/r+ENXxHJz6Mr8Jd/E2ZesN5tWpi
sO3ajUx/d158T4jfAvIE8tJGungUgehPVIIR5120nYxHc6gMUAYzirwFptfvSpb8
HWzMnE69KcP9Lnhtgp7fRv+HKpJmrsjOLKyldZzjZlA=
=cetI
-----END PGP SIGNATURE-----
| VAR-201904-1479 | CVE-2018-4366 | plural Apple Updates to product vulnerabilities |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. FaceTime is one of those video calling software. A buffer error vulnerability exists in the FaceTime component of Apple's iOS prior to 12.1. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-10-30-1 iOS 12.1
iOS 12.1 is now available and addresses the following:
AppleAVD
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing malicious video via FaceTime may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2018-4365: an anonymous researcher
CoreCrypto
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality test to incorrectly identify prime numbers
Description: An issue existed in the method for determining prime
numbers. This issue was addressed by using pseudorandom bases for
testing of primes.
CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of
Royal Holloway, University of London, and Juraj Somorovsky of Ruhr
University, Bochum
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to leak memory
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4366: Natalie Silvanovich of Google Project Zero
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4367: Natalie Silvanovich of Google Project Zero
Graphics Driver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
ICU
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4394: an anonymous researcher
IOHIDFamily
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4427: Pangu Team
IPSec
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2018-4420: Mohamed Ghannam (@_simo36)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security
Team
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4419: Mohamed Ghannam (@_simo36)
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
NetworkExtension
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Connecting to a VPN server may leak DNS queries to a DNS
proxy
Description: A logic issue was addressed with improved state
management.
CVE-2018-4369: an anonymous researcher
Notes
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to share items from the lock
screen
Description: A lock screen issue allowed access to the share function
on a locked device. This issue was addressed by restricting options
offered on a locked device.
CVE-2018-4388: videosdebarraquito
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A logic issue was addressed with improved validation.
CVE-2018-4374: Ryan Pickren (ryanpickren.com)
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A cross-site scripting issue existed in Safari.
CVE-2018-4377: Ryan Pickren (ryanpickren.com)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted S/MIME signed message may
lead to a denial of service
Description: A validation issue was addressed with improved logic.
CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd.
VoiceOver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to view photos from the lock
screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device.
CVE-2018-4387: videosdebarraquito
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2018-4385: an anonymous researcher
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4372: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST
Softsec Lab, Korea
CVE-2018-4373: ngg, alippai, DirtYiCE, KT of Tresorit working with
Trend Micro's Zero Day Initiative
CVE-2018-4375: Yu Haiwan and Wu Hongjun From Nanyang Technological
University working with Trend Micro's Zero Day Initiative
CVE-2018-4376: 010 working with Trend Micro's Zero Day Initiative
CVE-2018-4382: lokihardt of Google Project Zero
CVE-2018-4386: lokihardt of Google Project Zero
CVE-2018-4392: zhunki of 360 ESG Codesafe Team
CVE-2018-4416: lokihardt of Google Project Zero
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe
Team
WiFi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile
Networking Lab at Technische UniversitA$?t Darmstadt
Additional recognition
Certificate Signing
We would like to acknowledge YiAit Can YILMAZ (@yilmazcanyigit) for
their assistance.
CommonCrypto
We would like to acknowledge an anonymous researcher for their
assistance.
iBooks
We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool
ICT for their assistance.
Security
We would like to acknowledge Marinos Bernitsas of Parachute for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HpTw/7
Bkh9bUEddgGUejpnjO1DRiBlHUDQMssF7nG2LM5JOcCDoLkeHSdcr86KnR7VEyYp
qSllLijO9ZzrLtJuZSEelDCi+eL1Ojk3kP/6ZeMRIxDkYItR7EFWQUK71wcInk5k
qPZp2FnKU3qx0Ax7wzQi3GTQk8CZCVWcuCzh0UA0Nc3rgk0bf29+7AKmgiTaT2Ra
Yo4bRIXRuyi+jE39hN4x41vwjSbaxr5EZb9rvL5HT6Idipcoc9aS+sDbsscXjz/5
9WHlwAB5mxeqO3vY5WNlLhOUXXqMVRfPC/qxQocl86r2AE9jJedQFl/p9qpG59we
FrAejzKTU+1GpI4dGY6puAJval5DlcedWBxsyBxFAT04HdY0pfgF4zpFDTHRj6no
HnEvtF+pNgqX2OTTLCXtMG4r5c7b1yrOPYkM6FS+BjLV2H0X9n3PpvX0qvAqSTn3
RGbkJqHFV4G/DwsWUQQOOXNCthEwhzbT2n7mc+rCtN1WPUu99fGGZusMAqetmVvl
hgUIVPp9+ZHs64BlTzD+xu8e6jyoJ8YoPD9a/r+ENXxHJz6Mr8Jd/E2ZesN5tWpi
sO3ajUx/d158T4jfAvIE8tJGungUgehPVIIR5120nYxHc6gMUAYzirwFptfvSpb8
HWzMnE69KcP9Lnhtgp7fRv+HKpJmrsjOLKyldZzjZlA=
=cetI
-----END PGP SIGNATURE-----
| VAR-201904-1478 | CVE-2018-4365 | plural Apple Updates to product vulnerabilities |
CVSS V2: 4.3 CVSS V3: 5.5 Severity: MEDIUM |
An out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to iOS 12.1. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. iOS Contains a flaw related to out-of-bounds reading due to a flaw in processing related to bounds checking.Service operation interruption (DoS) There is a possibility of being put into a state. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Contacts is one of the contact components. A buffer error vulnerability exists in the Contacts component of Apple's iOS prior to 12.1. An attacker can use a specially crafted vcf file to exploit this vulnerability to cause a denial of service. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-10-30-1 iOS 12.1
iOS 12.1 is now available and addresses the following:
AppleAVD
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing malicious video via FaceTime may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2018-4365: an anonymous researcher
CoreCrypto
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality test to incorrectly identify prime numbers
Description: An issue existed in the method for determining prime
numbers. This issue was addressed by using pseudorandom bases for
testing of primes.
CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of
Royal Holloway, University of London, and Juraj Somorovsky of Ruhr
University, Bochum
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to leak memory
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4366: Natalie Silvanovich of Google Project Zero
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4367: Natalie Silvanovich of Google Project Zero
Graphics Driver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
ICU
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4394: an anonymous researcher
IOHIDFamily
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4427: Pangu Team
IPSec
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2018-4420: Mohamed Ghannam (@_simo36)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security
Team
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4419: Mohamed Ghannam (@_simo36)
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
NetworkExtension
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Connecting to a VPN server may leak DNS queries to a DNS
proxy
Description: A logic issue was addressed with improved state
management.
CVE-2018-4369: an anonymous researcher
Notes
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to share items from the lock
screen
Description: A lock screen issue allowed access to the share function
on a locked device. This issue was addressed by restricting options
offered on a locked device.
CVE-2018-4388: videosdebarraquito
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A logic issue was addressed with improved validation.
CVE-2018-4374: Ryan Pickren (ryanpickren.com)
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A cross-site scripting issue existed in Safari.
CVE-2018-4377: Ryan Pickren (ryanpickren.com)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted S/MIME signed message may
lead to a denial of service
Description: A validation issue was addressed with improved logic.
CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd.
VoiceOver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to view photos from the lock
screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device.
CVE-2018-4387: videosdebarraquito
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2018-4385: an anonymous researcher
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4372: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST
Softsec Lab, Korea
CVE-2018-4373: ngg, alippai, DirtYiCE, KT of Tresorit working with
Trend Micro's Zero Day Initiative
CVE-2018-4375: Yu Haiwan and Wu Hongjun From Nanyang Technological
University working with Trend Micro's Zero Day Initiative
CVE-2018-4376: 010 working with Trend Micro's Zero Day Initiative
CVE-2018-4382: lokihardt of Google Project Zero
CVE-2018-4386: lokihardt of Google Project Zero
CVE-2018-4392: zhunki of 360 ESG Codesafe Team
CVE-2018-4416: lokihardt of Google Project Zero
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe
Team
WiFi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile
Networking Lab at Technische UniversitA$?t Darmstadt
Additional recognition
Certificate Signing
We would like to acknowledge YiAit Can YILMAZ (@yilmazcanyigit) for
their assistance.
CommonCrypto
We would like to acknowledge an anonymous researcher for their
assistance.
iBooks
We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool
ICT for their assistance.
Security
We would like to acknowledge Marinos Bernitsas of Parachute for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HpTw/7
Bkh9bUEddgGUejpnjO1DRiBlHUDQMssF7nG2LM5JOcCDoLkeHSdcr86KnR7VEyYp
qSllLijO9ZzrLtJuZSEelDCi+eL1Ojk3kP/6ZeMRIxDkYItR7EFWQUK71wcInk5k
qPZp2FnKU3qx0Ax7wzQi3GTQk8CZCVWcuCzh0UA0Nc3rgk0bf29+7AKmgiTaT2Ra
Yo4bRIXRuyi+jE39hN4x41vwjSbaxr5EZb9rvL5HT6Idipcoc9aS+sDbsscXjz/5
9WHlwAB5mxeqO3vY5WNlLhOUXXqMVRfPC/qxQocl86r2AE9jJedQFl/p9qpG59we
FrAejzKTU+1GpI4dGY6puAJval5DlcedWBxsyBxFAT04HdY0pfgF4zpFDTHRj6no
HnEvtF+pNgqX2OTTLCXtMG4r5c7b1yrOPYkM6FS+BjLV2H0X9n3PpvX0qvAqSTn3
RGbkJqHFV4G/DwsWUQQOOXNCthEwhzbT2n7mc+rCtN1WPUu99fGGZusMAqetmVvl
hgUIVPp9+ZHs64BlTzD+xu8e6jyoJ8YoPD9a/r+ENXxHJz6Mr8Jd/E2ZesN5tWpi
sO3ajUx/d158T4jfAvIE8tJGungUgehPVIIR5120nYxHc6gMUAYzirwFptfvSpb8
HWzMnE69KcP9Lnhtgp7fRv+HKpJmrsjOLKyldZzjZlA=
=cetI
-----END PGP SIGNATURE-----
| VAR-201904-1483 | CVE-2018-4371 | plural Apple Updates to product vulnerabilities |
CVSS V2: 6.8 CVSS V3: 7.8 Severity: HIGH |
An out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. plural Apple There is a vulnerability related to out-of-bounds reading because the product does not properly handle input validation.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple macOS Mojave is a dedicated operating system developed for Mac computers. IPSec is one of the Internet Protocol security components. A buffer error vulnerability exists in the IPSec component of several Apple products. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-10-30-1 iOS 12.1
iOS 12.1 is now available and addresses the following:
AppleAVD
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing malicious video via FaceTime may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2018-4365: an anonymous researcher
CoreCrypto
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality test to incorrectly identify prime numbers
Description: An issue existed in the method for determining prime
numbers. This issue was addressed by using pseudorandom bases for
testing of primes.
CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of
Royal Holloway, University of London, and Juraj Somorovsky of Ruhr
University, Bochum
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to leak memory
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4366: Natalie Silvanovich of Google Project Zero
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4367: Natalie Silvanovich of Google Project Zero
Graphics Driver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
ICU
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4394: an anonymous researcher
IOHIDFamily
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4427: Pangu Team
IPSec
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2018-4420: Mohamed Ghannam (@_simo36)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security
Team
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4419: Mohamed Ghannam (@_simo36)
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
NetworkExtension
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Connecting to a VPN server may leak DNS queries to a DNS
proxy
Description: A logic issue was addressed with improved state
management.
CVE-2018-4369: an anonymous researcher
Notes
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to share items from the lock
screen
Description: A lock screen issue allowed access to the share function
on a locked device. This issue was addressed by restricting options
offered on a locked device.
CVE-2018-4388: videosdebarraquito
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A logic issue was addressed with improved validation.
CVE-2018-4374: Ryan Pickren (ryanpickren.com)
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A cross-site scripting issue existed in Safari.
CVE-2018-4377: Ryan Pickren (ryanpickren.com)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted S/MIME signed message may
lead to a denial of service
Description: A validation issue was addressed with improved logic.
CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd.
VoiceOver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to view photos from the lock
screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device.
CVE-2018-4387: videosdebarraquito
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2018-4385: an anonymous researcher
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4372: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST
Softsec Lab, Korea
CVE-2018-4373: ngg, alippai, DirtYiCE, KT of Tresorit working with
Trend Micro's Zero Day Initiative
CVE-2018-4375: Yu Haiwan and Wu Hongjun From Nanyang Technological
University working with Trend Micro's Zero Day Initiative
CVE-2018-4376: 010 working with Trend Micro's Zero Day Initiative
CVE-2018-4382: lokihardt of Google Project Zero
CVE-2018-4386: lokihardt of Google Project Zero
CVE-2018-4392: zhunki of 360 ESG Codesafe Team
CVE-2018-4416: lokihardt of Google Project Zero
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe
Team
WiFi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile
Networking Lab at Technische UniversitA$?t Darmstadt
Additional recognition
Certificate Signing
We would like to acknowledge YiAit Can YILMAZ (@yilmazcanyigit) for
their assistance.
CommonCrypto
We would like to acknowledge an anonymous researcher for their
assistance.
iBooks
We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool
ICT for their assistance.
Security
We would like to acknowledge Marinos Bernitsas of Parachute for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 12.1".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HpTw/7
Bkh9bUEddgGUejpnjO1DRiBlHUDQMssF7nG2LM5JOcCDoLkeHSdcr86KnR7VEyYp
qSllLijO9ZzrLtJuZSEelDCi+eL1Ojk3kP/6ZeMRIxDkYItR7EFWQUK71wcInk5k
qPZp2FnKU3qx0Ax7wzQi3GTQk8CZCVWcuCzh0UA0Nc3rgk0bf29+7AKmgiTaT2Ra
Yo4bRIXRuyi+jE39hN4x41vwjSbaxr5EZb9rvL5HT6Idipcoc9aS+sDbsscXjz/5
9WHlwAB5mxeqO3vY5WNlLhOUXXqMVRfPC/qxQocl86r2AE9jJedQFl/p9qpG59we
FrAejzKTU+1GpI4dGY6puAJval5DlcedWBxsyBxFAT04HdY0pfgF4zpFDTHRj6no
HnEvtF+pNgqX2OTTLCXtMG4r5c7b1yrOPYkM6FS+BjLV2H0X9n3PpvX0qvAqSTn3
RGbkJqHFV4G/DwsWUQQOOXNCthEwhzbT2n7mc+rCtN1WPUu99fGGZusMAqetmVvl
hgUIVPp9+ZHs64BlTzD+xu8e6jyoJ8YoPD9a/r+ENXxHJz6Mr8Jd/E2ZesN5tWpi
sO3ajUx/d158T4jfAvIE8tJGungUgehPVIIR5120nYxHc6gMUAYzirwFptfvSpb8
HWzMnE69KcP9Lnhtgp7fRv+HKpJmrsjOLKyldZzjZlA=
=cetI
-----END PGP SIGNATURE-----
| VAR-201904-1482 | CVE-2018-4369 | plural Apple Logic vulnerabilities in products |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1. plural Apple There is a logic vulnerability in the product due to a lack of state management.Information may be obtained. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple macOS Mojave is a dedicated operating system developed for Mac computers. NetworkExtension is one of the network extension components. An input validation error vulnerability exists in the NetworkExtension component of several Apple products. Attackers can exploit this vulnerability to leak DNS queries.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-10-30-1 iOS 12.1
iOS 12.1 is now available and addresses the following:
AppleAVD
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing malicious video via FaceTime may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2018-4365: an anonymous researcher
CoreCrypto
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality test to incorrectly identify prime numbers
Description: An issue existed in the method for determining prime
numbers.
CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of
Royal Holloway, University of London, and Juraj Somorovsky of Ruhr
University, Bochum
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to leak memory
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4366: Natalie Silvanovich of Google Project Zero
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4367: Natalie Silvanovich of Google Project Zero
Graphics Driver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
ICU
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4394: an anonymous researcher
IOHIDFamily
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4427: Pangu Team
IPSec
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2018-4420: Mohamed Ghannam (@_simo36)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security
Team
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4419: Mohamed Ghannam (@_simo36)
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
NetworkExtension
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Connecting to a VPN server may leak DNS queries to a DNS
proxy
Description: A logic issue was addressed with improved state
management.
CVE-2018-4369: an anonymous researcher
Notes
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to share items from the lock
screen
Description: A lock screen issue allowed access to the share function
on a locked device.
CVE-2018-4388: videosdebarraquito
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A logic issue was addressed with improved validation.
CVE-2018-4374: Ryan Pickren (ryanpickren.com)
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A cross-site scripting issue existed in Safari.
CVE-2018-4377: Ryan Pickren (ryanpickren.com)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted S/MIME signed message may
lead to a denial of service
Description: A validation issue was addressed with improved logic.
CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd.
VoiceOver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to view photos from the lock
screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device.
CVE-2018-4387: videosdebarraquito
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2018-4385: an anonymous researcher
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4372: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST
Softsec Lab, Korea
CVE-2018-4373: ngg, alippai, DirtYiCE, KT of Tresorit working with
Trend Micro's Zero Day Initiative
CVE-2018-4375: Yu Haiwan and Wu Hongjun From Nanyang Technological
University working with Trend Micro's Zero Day Initiative
CVE-2018-4376: 010 working with Trend Micro's Zero Day Initiative
CVE-2018-4382: lokihardt of Google Project Zero
CVE-2018-4386: lokihardt of Google Project Zero
CVE-2018-4392: zhunki of 360 ESG Codesafe Team
CVE-2018-4416: lokihardt of Google Project Zero
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe
Team
WiFi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile
Networking Lab at Technische UniversitA$?t Darmstadt
Additional recognition
Certificate Signing
We would like to acknowledge YiAit Can YILMAZ (@yilmazcanyigit) for
their assistance.
CommonCrypto
We would like to acknowledge an anonymous researcher for their
assistance.
iBooks
We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool
ICT for their assistance.
Security
We would like to acknowledge Marinos Bernitsas of Parachute for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 12.1".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HpTw/7
Bkh9bUEddgGUejpnjO1DRiBlHUDQMssF7nG2LM5JOcCDoLkeHSdcr86KnR7VEyYp
qSllLijO9ZzrLtJuZSEelDCi+eL1Ojk3kP/6ZeMRIxDkYItR7EFWQUK71wcInk5k
qPZp2FnKU3qx0Ax7wzQi3GTQk8CZCVWcuCzh0UA0Nc3rgk0bf29+7AKmgiTaT2Ra
Yo4bRIXRuyi+jE39hN4x41vwjSbaxr5EZb9rvL5HT6Idipcoc9aS+sDbsscXjz/5
9WHlwAB5mxeqO3vY5WNlLhOUXXqMVRfPC/qxQocl86r2AE9jJedQFl/p9qpG59we
FrAejzKTU+1GpI4dGY6puAJval5DlcedWBxsyBxFAT04HdY0pfgF4zpFDTHRj6no
HnEvtF+pNgqX2OTTLCXtMG4r5c7b1yrOPYkM6FS+BjLV2H0X9n3PpvX0qvAqSTn3
RGbkJqHFV4G/DwsWUQQOOXNCthEwhzbT2n7mc+rCtN1WPUu99fGGZusMAqetmVvl
hgUIVPp9+ZHs64BlTzD+xu8e6jyoJ8YoPD9a/r+ENXxHJz6Mr8Jd/E2ZesN5tWpi
sO3ajUx/d158T4jfAvIE8tJGungUgehPVIIR5120nYxHc6gMUAYzirwFptfvSpb8
HWzMnE69KcP9Lnhtgp7fRv+HKpJmrsjOLKyldZzjZlA=
=cetI
-----END PGP SIGNATURE-----
| VAR-201904-1486 | CVE-2018-4374 | plural Apple Updates to product vulnerabilities |
CVSS V2: 4.3 CVSS V3: 6.1 Severity: MEDIUM |
A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. plural Apple There is a cross-site scripting vulnerability in the product due to a flaw in processing related to input validation.Information may be obtained and information may be altered. Apple Safari, etc. are all products of Apple (Apple). Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Safari Reader is one of the browser's built-in reader components. A remote attacker could use a specially crafted webpage to exploit this vulnerability to carry out a cross-site scripting attack.
Alternatively, on your watch, select "My Watch > General > About".
CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe
Team
Installation note:
Safari 12.0.1 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-10-30-1 iOS 12.1
iOS 12.1 is now available and addresses the following:
AppleAVD
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing malicious video via FaceTime may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2018-4365: an anonymous researcher
CoreCrypto
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality test to incorrectly identify prime numbers
Description: An issue existed in the method for determining prime
numbers.
CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of
Royal Holloway, University of London, and Juraj Somorovsky of Ruhr
University, Bochum
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to leak memory
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4366: Natalie Silvanovich of Google Project Zero
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4367: Natalie Silvanovich of Google Project Zero
Graphics Driver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
ICU
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4394: an anonymous researcher
IOHIDFamily
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4427: Pangu Team
IPSec
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2018-4420: Mohamed Ghannam (@_simo36)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security
Team
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4419: Mohamed Ghannam (@_simo36)
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
NetworkExtension
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Connecting to a VPN server may leak DNS queries to a DNS
proxy
Description: A logic issue was addressed with improved state
management.
CVE-2018-4369: an anonymous researcher
Notes
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to share items from the lock
screen
Description: A lock screen issue allowed access to the share function
on a locked device.
CVE-2018-4388: videosdebarraquito
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A logic issue was addressed with improved validation.
CVE-2018-4374: Ryan Pickren (ryanpickren.com)
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A cross-site scripting issue existed in Safari.
CVE-2018-4377: Ryan Pickren (ryanpickren.com)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted S/MIME signed message may
lead to a denial of service
Description: A validation issue was addressed with improved logic.
CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd.
VoiceOver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to view photos from the lock
screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device.
CVE-2018-4387: videosdebarraquito
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2018-4385: an anonymous researcher
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4372: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST
Softsec Lab, Korea
CVE-2018-4373: ngg, alippai, DirtYiCE, KT of Tresorit working with
Trend Micro's Zero Day Initiative
CVE-2018-4375: Yu Haiwan and Wu Hongjun From Nanyang Technological
University working with Trend Micro's Zero Day Initiative
CVE-2018-4376: 010 working with Trend Micro's Zero Day Initiative
CVE-2018-4382: lokihardt of Google Project Zero
CVE-2018-4386: lokihardt of Google Project Zero
CVE-2018-4392: zhunki of 360 ESG Codesafe Team
CVE-2018-4416: lokihardt of Google Project Zero
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe
Team
WiFi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile
Networking Lab at Technische UniversitA$?t Darmstadt
Additional recognition
Certificate Signing
We would like to acknowledge YiAit Can YILMAZ (@yilmazcanyigit) for
their assistance.
CommonCrypto
We would like to acknowledge an anonymous researcher for their
assistance.
iBooks
We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool
ICT for their assistance.
Security
We would like to acknowledge Marinos Bernitsas of Parachute for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 12.1".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HpTw/7
Bkh9bUEddgGUejpnjO1DRiBlHUDQMssF7nG2LM5JOcCDoLkeHSdcr86KnR7VEyYp
qSllLijO9ZzrLtJuZSEelDCi+eL1Ojk3kP/6ZeMRIxDkYItR7EFWQUK71wcInk5k
qPZp2FnKU3qx0Ax7wzQi3GTQk8CZCVWcuCzh0UA0Nc3rgk0bf29+7AKmgiTaT2Ra
Yo4bRIXRuyi+jE39hN4x41vwjSbaxr5EZb9rvL5HT6Idipcoc9aS+sDbsscXjz/5
9WHlwAB5mxeqO3vY5WNlLhOUXXqMVRfPC/qxQocl86r2AE9jJedQFl/p9qpG59we
FrAejzKTU+1GpI4dGY6puAJval5DlcedWBxsyBxFAT04HdY0pfgF4zpFDTHRj6no
HnEvtF+pNgqX2OTTLCXtMG4r5c7b1yrOPYkM6FS+BjLV2H0X9n3PpvX0qvAqSTn3
RGbkJqHFV4G/DwsWUQQOOXNCthEwhzbT2n7mc+rCtN1WPUu99fGGZusMAqetmVvl
hgUIVPp9+ZHs64BlTzD+xu8e6jyoJ8YoPD9a/r+ENXxHJz6Mr8Jd/E2ZesN5tWpi
sO3ajUx/d158T4jfAvIE8tJGungUgehPVIIR5120nYxHc6gMUAYzirwFptfvSpb8
HWzMnE69KcP9Lnhtgp7fRv+HKpJmrsjOLKyldZzjZlA=
=cetI
-----END PGP SIGNATURE-----
| VAR-201904-1481 | CVE-2018-4368 | plural Apple Updates to product vulnerabilities |
CVSS V2: 4.0 CVSS V3: 6.5 Severity: MEDIUM |
A denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. plural Apple The product has inadequate processing related to verification, so it interferes with service operation. (DoS) Vulnerabilities exist.Service operation interruption (DoS) There is a possibility of being put into a state. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple macOS Mojave is a dedicated operating system developed for Mac computers. WiFi is one of the wireless network components. An input validation error vulnerability exists in the WiFi component of several Apple products.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-10-30-1 iOS 12.1
iOS 12.1 is now available and addresses the following:
AppleAVD
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing malicious video via FaceTime may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2018-4365: an anonymous researcher
CoreCrypto
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality test to incorrectly identify prime numbers
Description: An issue existed in the method for determining prime
numbers.
CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of
Royal Holloway, University of London, and Juraj Somorovsky of Ruhr
University, Bochum
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to leak memory
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4366: Natalie Silvanovich of Google Project Zero
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4367: Natalie Silvanovich of Google Project Zero
Graphics Driver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
ICU
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4394: an anonymous researcher
IOHIDFamily
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4427: Pangu Team
IPSec
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2018-4420: Mohamed Ghannam (@_simo36)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security
Team
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4419: Mohamed Ghannam (@_simo36)
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
NetworkExtension
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Connecting to a VPN server may leak DNS queries to a DNS
proxy
Description: A logic issue was addressed with improved state
management.
CVE-2018-4369: an anonymous researcher
Notes
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to share items from the lock
screen
Description: A lock screen issue allowed access to the share function
on a locked device.
CVE-2018-4388: videosdebarraquito
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A logic issue was addressed with improved validation.
CVE-2018-4374: Ryan Pickren (ryanpickren.com)
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A cross-site scripting issue existed in Safari.
CVE-2018-4377: Ryan Pickren (ryanpickren.com)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted S/MIME signed message may
lead to a denial of service
Description: A validation issue was addressed with improved logic.
CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd.
VoiceOver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to view photos from the lock
screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device.
CVE-2018-4387: videosdebarraquito
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2018-4385: an anonymous researcher
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4372: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST
Softsec Lab, Korea
CVE-2018-4373: ngg, alippai, DirtYiCE, KT of Tresorit working with
Trend Micro's Zero Day Initiative
CVE-2018-4375: Yu Haiwan and Wu Hongjun From Nanyang Technological
University working with Trend Micro's Zero Day Initiative
CVE-2018-4376: 010 working with Trend Micro's Zero Day Initiative
CVE-2018-4382: lokihardt of Google Project Zero
CVE-2018-4386: lokihardt of Google Project Zero
CVE-2018-4392: zhunki of 360 ESG Codesafe Team
CVE-2018-4416: lokihardt of Google Project Zero
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe
Team
WiFi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile
Networking Lab at Technische UniversitA$?t Darmstadt
Additional recognition
Certificate Signing
We would like to acknowledge YiAit Can YILMAZ (@yilmazcanyigit) for
their assistance.
CommonCrypto
We would like to acknowledge an anonymous researcher for their
assistance.
iBooks
We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool
ICT for their assistance.
Security
We would like to acknowledge Marinos Bernitsas of Parachute for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 12.1".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HpTw/7
Bkh9bUEddgGUejpnjO1DRiBlHUDQMssF7nG2LM5JOcCDoLkeHSdcr86KnR7VEyYp
qSllLijO9ZzrLtJuZSEelDCi+eL1Ojk3kP/6ZeMRIxDkYItR7EFWQUK71wcInk5k
qPZp2FnKU3qx0Ax7wzQi3GTQk8CZCVWcuCzh0UA0Nc3rgk0bf29+7AKmgiTaT2Ra
Yo4bRIXRuyi+jE39hN4x41vwjSbaxr5EZb9rvL5HT6Idipcoc9aS+sDbsscXjz/5
9WHlwAB5mxeqO3vY5WNlLhOUXXqMVRfPC/qxQocl86r2AE9jJedQFl/p9qpG59we
FrAejzKTU+1GpI4dGY6puAJval5DlcedWBxsyBxFAT04HdY0pfgF4zpFDTHRj6no
HnEvtF+pNgqX2OTTLCXtMG4r5c7b1yrOPYkM6FS+BjLV2H0X9n3PpvX0qvAqSTn3
RGbkJqHFV4G/DwsWUQQOOXNCthEwhzbT2n7mc+rCtN1WPUu99fGGZusMAqetmVvl
hgUIVPp9+ZHs64BlTzD+xu8e6jyoJ8YoPD9a/r+ENXxHJz6Mr8Jd/E2ZesN5tWpi
sO3ajUx/d158T4jfAvIE8tJGungUgehPVIIR5120nYxHc6gMUAYzirwFptfvSpb8
HWzMnE69KcP9Lnhtgp7fRv+HKpJmrsjOLKyldZzjZlA=
=cetI
-----END PGP SIGNATURE-----
| VAR-201904-1457 | CVE-2018-4342 | plural Apple Updates to product vulnerabilities |
CVSS V2: 2.1 CVSS V3: 5.5 Severity: MEDIUM |
A configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS Mojave 10.14.1. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. macOS Has a configuration vulnerability due to flaws in handling restrictions.Information may be tampered with. Apple macOS Mojave is a set of dedicated operating systems developed by Apple for Mac computers. EFI is one of the firmware upgrade interfaces. A local attacker could exploit this vulnerability to modify protected parts of the file system
| VAR-201904-1455 | CVE-2018-4403 | plural Apple Updates to product vulnerabilities |
CVSS V2: 4.3 CVSS V3: 5.5 Severity: MEDIUM |
This issue was addressed by removing additional entitlements. This issue affected versions prior to macOS Mojave 10.14.1. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. macOS Contains an information disclosure vulnerability due to a flaw in handling additional entitlements.Information may be obtained. Apple macOS Mojave is a set of dedicated operating systems developed by Apple for Mac computers. The Dock is one of the graphical user interfaces used to start and switch running applications. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components
| VAR-201904-1454 | CVE-2018-4402 | plural Apple Updates to product vulnerabilities |
CVSS V2: 9.3 CVSS V3: 7.8 Severity: HIGH |
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. Apple macOS Mojave and so on are a set of dedicated operating systems developed by Apple for Mac computers. An attacker could exploit this vulnerability with an application to execute arbitrary code with system privileges
| VAR-201904-1452 | CVE-2018-4400 | Mail app for iOS vulnerable to denial-of-service (DoS) |
CVSS V2: 4.3 CVSS V3: 5.5 Severity: MEDIUM |
A validation issue was addressed with improved logic. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, watchOS 5.1. Mail app for iOS provided by Apple contains a denial-of-service (DoS) vulnerability due to an issue in the handling of a maliciously crafted S/MIME signed message. Yukinobu Nagayasu of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Mail app may continuously crash when a maliciously crafted S/MIME signed message is listed on it. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple macOS Mojave is a dedicated operating system developed for Mac computers. Security is one of the security components. An input validation error vulnerability exists in the Security component of several Apple products. Attackers can use maliciously crafted S/MIME signature messages to exploit this vulnerability to cause a denial of service.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-10-30-1 iOS 12.1
iOS 12.1 is now available and addresses the following:
AppleAVD
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing malicious video via FaceTime may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2018-4365: an anonymous researcher
CoreCrypto
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality test to incorrectly identify prime numbers
Description: An issue existed in the method for determining prime
numbers.
CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of
Royal Holloway, University of London, and Juraj Somorovsky of Ruhr
University, Bochum
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to leak memory
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4366: Natalie Silvanovich of Google Project Zero
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4367: Natalie Silvanovich of Google Project Zero
Graphics Driver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
ICU
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4394: an anonymous researcher
IOHIDFamily
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4427: Pangu Team
IPSec
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2018-4420: Mohamed Ghannam (@_simo36)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security
Team
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4419: Mohamed Ghannam (@_simo36)
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
NetworkExtension
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Connecting to a VPN server may leak DNS queries to a DNS
proxy
Description: A logic issue was addressed with improved state
management.
CVE-2018-4369: an anonymous researcher
Notes
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to share items from the lock
screen
Description: A lock screen issue allowed access to the share function
on a locked device.
CVE-2018-4388: videosdebarraquito
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A logic issue was addressed with improved validation.
CVE-2018-4374: Ryan Pickren (ryanpickren.com)
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A cross-site scripting issue existed in Safari.
CVE-2018-4377: Ryan Pickren (ryanpickren.com)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted S/MIME signed message may
lead to a denial of service
Description: A validation issue was addressed with improved logic.
VoiceOver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to view photos from the lock
screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device.
CVE-2018-4387: videosdebarraquito
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2018-4385: an anonymous researcher
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4372: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST
Softsec Lab, Korea
CVE-2018-4373: ngg, alippai, DirtYiCE, KT of Tresorit working with
Trend Micro's Zero Day Initiative
CVE-2018-4375: Yu Haiwan and Wu Hongjun From Nanyang Technological
University working with Trend Micro's Zero Day Initiative
CVE-2018-4376: 010 working with Trend Micro's Zero Day Initiative
CVE-2018-4382: lokihardt of Google Project Zero
CVE-2018-4386: lokihardt of Google Project Zero
CVE-2018-4392: zhunki of 360 ESG Codesafe Team
CVE-2018-4416: lokihardt of Google Project Zero
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe
Team
WiFi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile
Networking Lab at Technische UniversitA$?t Darmstadt
Additional recognition
Certificate Signing
We would like to acknowledge YiAit Can YILMAZ (@yilmazcanyigit) for
their assistance.
CommonCrypto
We would like to acknowledge an anonymous researcher for their
assistance.
iBooks
We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool
ICT for their assistance.
Security
We would like to acknowledge Marinos Bernitsas of Parachute for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 12.1".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HpTw/7
Bkh9bUEddgGUejpnjO1DRiBlHUDQMssF7nG2LM5JOcCDoLkeHSdcr86KnR7VEyYp
qSllLijO9ZzrLtJuZSEelDCi+eL1Ojk3kP/6ZeMRIxDkYItR7EFWQUK71wcInk5k
qPZp2FnKU3qx0Ax7wzQi3GTQk8CZCVWcuCzh0UA0Nc3rgk0bf29+7AKmgiTaT2Ra
Yo4bRIXRuyi+jE39hN4x41vwjSbaxr5EZb9rvL5HT6Idipcoc9aS+sDbsscXjz/5
9WHlwAB5mxeqO3vY5WNlLhOUXXqMVRfPC/qxQocl86r2AE9jJedQFl/p9qpG59we
FrAejzKTU+1GpI4dGY6puAJval5DlcedWBxsyBxFAT04HdY0pfgF4zpFDTHRj6no
HnEvtF+pNgqX2OTTLCXtMG4r5c7b1yrOPYkM6FS+BjLV2H0X9n3PpvX0qvAqSTn3
RGbkJqHFV4G/DwsWUQQOOXNCthEwhzbT2n7mc+rCtN1WPUu99fGGZusMAqetmVvl
hgUIVPp9+ZHs64BlTzD+xu8e6jyoJ8YoPD9a/r+ENXxHJz6Mr8Jd/E2ZesN5tWpi
sO3ajUx/d158T4jfAvIE8tJGungUgehPVIIR5120nYxHc6gMUAYzirwFptfvSpb8
HWzMnE69KcP9Lnhtgp7fRv+HKpJmrsjOLKyldZzjZlA=
=cetI
-----END PGP SIGNATURE-----
| VAR-201904-1484 | CVE-2018-4372 | plural Apple Updates to product vulnerabilities |
CVSS V2: 6.8 CVSS V3: 8.8 Severity: HIGH |
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. tvOS is a smart TV operating system. Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products.
Alternatively, on your watch, select "My Watch > General > About".
CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe
Team
Installation note:
Safari 12.0.1 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-10-30-1 iOS 12.1
iOS 12.1 is now available and addresses the following:
AppleAVD
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing malicious video via FaceTime may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2018-4365: an anonymous researcher
CoreCrypto
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality test to incorrectly identify prime numbers
Description: An issue existed in the method for determining prime
numbers.
CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of
Royal Holloway, University of London, and Juraj Somorovsky of Ruhr
University, Bochum
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to leak memory
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4366: Natalie Silvanovich of Google Project Zero
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4367: Natalie Silvanovich of Google Project Zero
Graphics Driver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
ICU
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4394: an anonymous researcher
IOHIDFamily
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4427: Pangu Team
IPSec
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2018-4420: Mohamed Ghannam (@_simo36)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security
Team
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4419: Mohamed Ghannam (@_simo36)
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
NetworkExtension
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Connecting to a VPN server may leak DNS queries to a DNS
proxy
Description: A logic issue was addressed with improved state
management.
CVE-2018-4369: an anonymous researcher
Notes
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to share items from the lock
screen
Description: A lock screen issue allowed access to the share function
on a locked device. This issue was addressed by restricting options
offered on a locked device.
CVE-2018-4388: videosdebarraquito
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A logic issue was addressed with improved validation.
CVE-2018-4374: Ryan Pickren (ryanpickren.com)
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A cross-site scripting issue existed in Safari.
CVE-2018-4377: Ryan Pickren (ryanpickren.com)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted S/MIME signed message may
lead to a denial of service
Description: A validation issue was addressed with improved logic.
CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd.
VoiceOver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to view photos from the lock
screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device.
CVE-2018-4387: videosdebarraquito
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2018-4385: an anonymous researcher
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe
Team
WiFi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile
Networking Lab at Technische UniversitA$?t Darmstadt
Additional recognition
Certificate Signing
We would like to acknowledge YiAit Can YILMAZ (@yilmazcanyigit) for
their assistance.
iBooks
We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool
ICT for their assistance.
Security
We would like to acknowledge Marinos Bernitsas of Parachute for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 12.1".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HpTw/7
Bkh9bUEddgGUejpnjO1DRiBlHUDQMssF7nG2LM5JOcCDoLkeHSdcr86KnR7VEyYp
qSllLijO9ZzrLtJuZSEelDCi+eL1Ojk3kP/6ZeMRIxDkYItR7EFWQUK71wcInk5k
qPZp2FnKU3qx0Ax7wzQi3GTQk8CZCVWcuCzh0UA0Nc3rgk0bf29+7AKmgiTaT2Ra
Yo4bRIXRuyi+jE39hN4x41vwjSbaxr5EZb9rvL5HT6Idipcoc9aS+sDbsscXjz/5
9WHlwAB5mxeqO3vY5WNlLhOUXXqMVRfPC/qxQocl86r2AE9jJedQFl/p9qpG59we
FrAejzKTU+1GpI4dGY6puAJval5DlcedWBxsyBxFAT04HdY0pfgF4zpFDTHRj6no
HnEvtF+pNgqX2OTTLCXtMG4r5c7b1yrOPYkM6FS+BjLV2H0X9n3PpvX0qvAqSTn3
RGbkJqHFV4G/DwsWUQQOOXNCthEwhzbT2n7mc+rCtN1WPUu99fGGZusMAqetmVvl
hgUIVPp9+ZHs64BlTzD+xu8e6jyoJ8YoPD9a/r+ENXxHJz6Mr8Jd/E2ZesN5tWpi
sO3ajUx/d158T4jfAvIE8tJGungUgehPVIIR5120nYxHc6gMUAYzirwFptfvSpb8
HWzMnE69KcP9Lnhtgp7fRv+HKpJmrsjOLKyldZzjZlA=
=cetI
-----END PGP SIGNATURE-----
. ------------------------------------------------------------------------
WebKitGTK+ and WPE WebKit Security Advisory WSA-2018-0008
------------------------------------------------------------------------
Date reported : November 21, 2018
Advisory ID : WSA-2018-0008
WebKitGTK+ Advisory URL :
https://webkitgtk.org/security/WSA-2018-0008.html
WPE WebKit Advisory URL :
https://wpewebkit.org/security/WSA-2018-0008.html
CVE identifiers : CVE-2018-4345, CVE-2018-4372, CVE-2018-4373,
CVE-2018-4375, CVE-2018-4376, CVE-2018-4378,
CVE-2018-4382, CVE-2018-4386, CVE-2018-4392,
CVE-2018-4416.
Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit.
CVE-2018-4345
Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before
2.22.1.
Credit to an anonymous researcher.
A cross-site scripting issue existed in WebKit. This issue was
addressed with improved URL validation.
CVE-2018-4372
Versions affected: WebKitGTK+ before 2.22.4 and WPE WebKit before
2.22.2.
Credit to HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST
Softsec Lab, Korea.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-4373
Versions affected: WebKitGTK+ and WPE WebKit before 2.22.0.
Credit to ngg, alippai, DirtYiCE, KT of Tresorit working with Trend
Microys Zero Day Initiative.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-4375
Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before
2.22.0.
Credit to Yu Haiwan and Wu Hongjun From Nanyang Technological
University working with Trend Micro's Zero Day Initiative.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-4376
Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before
2.22.0.
Credit to 010 working with Trend Micro's Zero Day Initiative.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-4378
Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before
2.22.0.
Credit to an anonymous researcher, zhunki of 360 ESG Codesafe Team.
Processing maliciously crafted web content may lead to code
execution.
CVE-2018-4382
Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before
2.22.0.
Credit to lokihardt of Google Project Zero.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-4386
Versions affected: WebKitGTK+ before 2.22.3 and WPE WebKit before
2.22.1.
Credit to lokihardt of Google Project Zero.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-4392
Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before
2.22.0.
Credit to zhunki of 360 ESG Codesafe Team.
Processing maliciously crafted web content may lead to arbitrary
code execution.
CVE-2018-4416
Versions affected: WebKitGTK+ before 2.22.1 and WPE WebKit before
2.22.0.
Credit to lokihardt of Google Project Zero.
Processing maliciously crafted web content may lead to arbitrary
code execution.
We recommend updating to the latest stable versions of WebKitGTK+ and
WPE WebKit. It is the best way to ensure that you are running safe
versions of WebKit. Please check our websites for information about the
latest stable releases.
Further information about WebKitGTK+ and WPE WebKit security advisories
can be found at: https://webkitgtk.org/security.html or
https://wpewebkit.org/security/.
The WebKitGTK+ and WPE WebKit team,
November 21, 2018
| VAR-201904-1443 | CVE-2018-4389 | plural Apple Updates to product vulnerabilities |
CVSS V2: 4.3 CVSS V3: 6.5 Severity: MEDIUM |
An inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to macOS Mojave 10.14.1. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. Apple macOS Mojave is a set of dedicated operating systems developed by Apple for Mac computers. Mail is one of the email components. An input validation error vulnerability exists in the Mail component in Apple macOS Mojave prior to 10.14.1. The vulnerability stems from the failure of the network system or product to properly validate the input data
| VAR-201904-1441 | CVE-2018-4387 | plural Apple Updates to product vulnerabilities |
CVSS V2: 2.1 CVSS V3: 2.4 Severity: LOW |
A lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. VoiceOver is one of the voice assistant components. An information disclosure vulnerability exists in the VoiceOver component of Apple iOS prior to 12.1. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-10-30-1 iOS 12.1
iOS 12.1 is now available and addresses the following:
AppleAVD
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing malicious video via FaceTime may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2018-4365: an anonymous researcher
CoreCrypto
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality test to incorrectly identify prime numbers
Description: An issue existed in the method for determining prime
numbers. This issue was addressed by using pseudorandom bases for
testing of primes.
CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of
Royal Holloway, University of London, and Juraj Somorovsky of Ruhr
University, Bochum
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to leak memory
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4366: Natalie Silvanovich of Google Project Zero
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4367: Natalie Silvanovich of Google Project Zero
Graphics Driver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
ICU
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4394: an anonymous researcher
IOHIDFamily
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4427: Pangu Team
IPSec
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2018-4420: Mohamed Ghannam (@_simo36)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security
Team
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4419: Mohamed Ghannam (@_simo36)
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
NetworkExtension
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Connecting to a VPN server may leak DNS queries to a DNS
proxy
Description: A logic issue was addressed with improved state
management.
CVE-2018-4369: an anonymous researcher
Notes
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to share items from the lock
screen
Description: A lock screen issue allowed access to the share function
on a locked device.
CVE-2018-4388: videosdebarraquito
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A logic issue was addressed with improved validation.
CVE-2018-4374: Ryan Pickren (ryanpickren.com)
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A cross-site scripting issue existed in Safari.
CVE-2018-4377: Ryan Pickren (ryanpickren.com)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted S/MIME signed message may
lead to a denial of service
Description: A validation issue was addressed with improved logic.
CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd.
CVE-2018-4387: videosdebarraquito
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2018-4385: an anonymous researcher
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4372: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST
Softsec Lab, Korea
CVE-2018-4373: ngg, alippai, DirtYiCE, KT of Tresorit working with
Trend Micro's Zero Day Initiative
CVE-2018-4375: Yu Haiwan and Wu Hongjun From Nanyang Technological
University working with Trend Micro's Zero Day Initiative
CVE-2018-4376: 010 working with Trend Micro's Zero Day Initiative
CVE-2018-4382: lokihardt of Google Project Zero
CVE-2018-4386: lokihardt of Google Project Zero
CVE-2018-4392: zhunki of 360 ESG Codesafe Team
CVE-2018-4416: lokihardt of Google Project Zero
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe
Team
WiFi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile
Networking Lab at Technische UniversitA$?t Darmstadt
Additional recognition
Certificate Signing
We would like to acknowledge YiAit Can YILMAZ (@yilmazcanyigit) for
their assistance.
CommonCrypto
We would like to acknowledge an anonymous researcher for their
assistance.
iBooks
We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool
ICT for their assistance.
Security
We would like to acknowledge Marinos Bernitsas of Parachute for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HpTw/7
Bkh9bUEddgGUejpnjO1DRiBlHUDQMssF7nG2LM5JOcCDoLkeHSdcr86KnR7VEyYp
qSllLijO9ZzrLtJuZSEelDCi+eL1Ojk3kP/6ZeMRIxDkYItR7EFWQUK71wcInk5k
qPZp2FnKU3qx0Ax7wzQi3GTQk8CZCVWcuCzh0UA0Nc3rgk0bf29+7AKmgiTaT2Ra
Yo4bRIXRuyi+jE39hN4x41vwjSbaxr5EZb9rvL5HT6Idipcoc9aS+sDbsscXjz/5
9WHlwAB5mxeqO3vY5WNlLhOUXXqMVRfPC/qxQocl86r2AE9jJedQFl/p9qpG59we
FrAejzKTU+1GpI4dGY6puAJval5DlcedWBxsyBxFAT04HdY0pfgF4zpFDTHRj6no
HnEvtF+pNgqX2OTTLCXtMG4r5c7b1yrOPYkM6FS+BjLV2H0X9n3PpvX0qvAqSTn3
RGbkJqHFV4G/DwsWUQQOOXNCthEwhzbT2n7mc+rCtN1WPUu99fGGZusMAqetmVvl
hgUIVPp9+ZHs64BlTzD+xu8e6jyoJ8YoPD9a/r+ENXxHJz6Mr8Jd/E2ZesN5tWpi
sO3ajUx/d158T4jfAvIE8tJGungUgehPVIIR5120nYxHc6gMUAYzirwFptfvSpb8
HWzMnE69KcP9Lnhtgp7fRv+HKpJmrsjOLKyldZzjZlA=
=cetI
-----END PGP SIGNATURE-----
| VAR-201904-1442 | CVE-2018-4388 | plural Apple Updates to product vulnerabilities |
CVSS V2: 2.1 CVSS V3: 4.6 Severity: MEDIUM |
A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.1. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. Notes is one of the memo components. This vulnerability stems from configuration errors in network systems or products during operation. An unauthorized attacker could exploit the vulnerability to obtain sensitive information of the affected components. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-10-30-1 iOS 12.1
iOS 12.1 is now available and addresses the following:
AppleAVD
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing malicious video via FaceTime may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2018-4365: an anonymous researcher
CoreCrypto
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality test to incorrectly identify prime numbers
Description: An issue existed in the method for determining prime
numbers. This issue was addressed by using pseudorandom bases for
testing of primes.
CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of
Royal Holloway, University of London, and Juraj Somorovsky of Ruhr
University, Bochum
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to leak memory
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4366: Natalie Silvanovich of Google Project Zero
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4367: Natalie Silvanovich of Google Project Zero
Graphics Driver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
ICU
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4394: an anonymous researcher
IOHIDFamily
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4427: Pangu Team
IPSec
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2018-4420: Mohamed Ghannam (@_simo36)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security
Team
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4419: Mohamed Ghannam (@_simo36)
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
NetworkExtension
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Connecting to a VPN server may leak DNS queries to a DNS
proxy
Description: A logic issue was addressed with improved state
management.
CVE-2018-4388: videosdebarraquito
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A logic issue was addressed with improved validation.
CVE-2018-4374: Ryan Pickren (ryanpickren.com)
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A cross-site scripting issue existed in Safari. This
issue was addressed with improved URL validation.
CVE-2018-4377: Ryan Pickren (ryanpickren.com)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted S/MIME signed message may
lead to a denial of service
Description: A validation issue was addressed with improved logic.
CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd.
VoiceOver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to view photos from the lock
screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device.
CVE-2018-4387: videosdebarraquito
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2018-4385: an anonymous researcher
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4372: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST
Softsec Lab, Korea
CVE-2018-4373: ngg, alippai, DirtYiCE, KT of Tresorit working with
Trend Micro's Zero Day Initiative
CVE-2018-4375: Yu Haiwan and Wu Hongjun From Nanyang Technological
University working with Trend Micro's Zero Day Initiative
CVE-2018-4376: 010 working with Trend Micro's Zero Day Initiative
CVE-2018-4382: lokihardt of Google Project Zero
CVE-2018-4386: lokihardt of Google Project Zero
CVE-2018-4392: zhunki of 360 ESG Codesafe Team
CVE-2018-4416: lokihardt of Google Project Zero
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe
Team
WiFi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile
Networking Lab at Technische UniversitA$?t Darmstadt
Additional recognition
Certificate Signing
We would like to acknowledge YiAit Can YILMAZ (@yilmazcanyigit) for
their assistance.
CommonCrypto
We would like to acknowledge an anonymous researcher for their
assistance.
iBooks
We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool
ICT for their assistance.
Security
We would like to acknowledge Marinos Bernitsas of Parachute for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HpTw/7
Bkh9bUEddgGUejpnjO1DRiBlHUDQMssF7nG2LM5JOcCDoLkeHSdcr86KnR7VEyYp
qSllLijO9ZzrLtJuZSEelDCi+eL1Ojk3kP/6ZeMRIxDkYItR7EFWQUK71wcInk5k
qPZp2FnKU3qx0Ax7wzQi3GTQk8CZCVWcuCzh0UA0Nc3rgk0bf29+7AKmgiTaT2Ra
Yo4bRIXRuyi+jE39hN4x41vwjSbaxr5EZb9rvL5HT6Idipcoc9aS+sDbsscXjz/5
9WHlwAB5mxeqO3vY5WNlLhOUXXqMVRfPC/qxQocl86r2AE9jJedQFl/p9qpG59we
FrAejzKTU+1GpI4dGY6puAJval5DlcedWBxsyBxFAT04HdY0pfgF4zpFDTHRj6no
HnEvtF+pNgqX2OTTLCXtMG4r5c7b1yrOPYkM6FS+BjLV2H0X9n3PpvX0qvAqSTn3
RGbkJqHFV4G/DwsWUQQOOXNCthEwhzbT2n7mc+rCtN1WPUu99fGGZusMAqetmVvl
hgUIVPp9+ZHs64BlTzD+xu8e6jyoJ8YoPD9a/r+ENXxHJz6Mr8Jd/E2ZesN5tWpi
sO3ajUx/d158T4jfAvIE8tJGungUgehPVIIR5120nYxHc6gMUAYzirwFptfvSpb8
HWzMnE69KcP9Lnhtgp7fRv+HKpJmrsjOLKyldZzjZlA=
=cetI
-----END PGP SIGNATURE-----
| VAR-201904-1439 | CVE-2018-4385 | plural Apple Updates to product vulnerabilities |
CVSS V2: 4.3 CVSS V3: 6.5 Severity: MEDIUM |
A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. iOS Contains a flaw in input validation due to a flaw in state management.Information may be tampered with. Apple iOS is an operating system developed by Apple (Apple) for mobile devices. WebKit is one of the web browser engine components. The vulnerability stems from the failure of the network system or product to properly validate the input data. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-10-30-1 iOS 12.1
iOS 12.1 is now available and addresses the following:
AppleAVD
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing malicious video via FaceTime may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2018-4365: an anonymous researcher
CoreCrypto
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality test to incorrectly identify prime numbers
Description: An issue existed in the method for determining prime
numbers.
CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of
Royal Holloway, University of London, and Juraj Somorovsky of Ruhr
University, Bochum
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to leak memory
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4366: Natalie Silvanovich of Google Project Zero
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4367: Natalie Silvanovich of Google Project Zero
Graphics Driver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
ICU
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4394: an anonymous researcher
IOHIDFamily
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4427: Pangu Team
IPSec
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2018-4420: Mohamed Ghannam (@_simo36)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security
Team
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4419: Mohamed Ghannam (@_simo36)
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
NetworkExtension
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Connecting to a VPN server may leak DNS queries to a DNS
proxy
Description: A logic issue was addressed with improved state
management.
CVE-2018-4369: an anonymous researcher
Notes
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to share items from the lock
screen
Description: A lock screen issue allowed access to the share function
on a locked device.
CVE-2018-4388: videosdebarraquito
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A logic issue was addressed with improved validation.
CVE-2018-4374: Ryan Pickren (ryanpickren.com)
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A cross-site scripting issue existed in Safari.
CVE-2018-4377: Ryan Pickren (ryanpickren.com)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted S/MIME signed message may
lead to a denial of service
Description: A validation issue was addressed with improved logic.
CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd.
VoiceOver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to view photos from the lock
screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device.
CVE-2018-4387: videosdebarraquito
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2018-4385: an anonymous researcher
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4372: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST
Softsec Lab, Korea
CVE-2018-4373: ngg, alippai, DirtYiCE, KT of Tresorit working with
Trend Micro's Zero Day Initiative
CVE-2018-4375: Yu Haiwan and Wu Hongjun From Nanyang Technological
University working with Trend Micro's Zero Day Initiative
CVE-2018-4376: 010 working with Trend Micro's Zero Day Initiative
CVE-2018-4382: lokihardt of Google Project Zero
CVE-2018-4386: lokihardt of Google Project Zero
CVE-2018-4392: zhunki of 360 ESG Codesafe Team
CVE-2018-4416: lokihardt of Google Project Zero
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe
Team
WiFi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile
Networking Lab at Technische UniversitA$?t Darmstadt
Additional recognition
Certificate Signing
We would like to acknowledge YiAit Can YILMAZ (@yilmazcanyigit) for
their assistance.
CommonCrypto
We would like to acknowledge an anonymous researcher for their
assistance.
iBooks
We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool
ICT for their assistance.
Security
We would like to acknowledge Marinos Bernitsas of Parachute for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HpTw/7
Bkh9bUEddgGUejpnjO1DRiBlHUDQMssF7nG2LM5JOcCDoLkeHSdcr86KnR7VEyYp
qSllLijO9ZzrLtJuZSEelDCi+eL1Ojk3kP/6ZeMRIxDkYItR7EFWQUK71wcInk5k
qPZp2FnKU3qx0Ax7wzQi3GTQk8CZCVWcuCzh0UA0Nc3rgk0bf29+7AKmgiTaT2Ra
Yo4bRIXRuyi+jE39hN4x41vwjSbaxr5EZb9rvL5HT6Idipcoc9aS+sDbsscXjz/5
9WHlwAB5mxeqO3vY5WNlLhOUXXqMVRfPC/qxQocl86r2AE9jJedQFl/p9qpG59we
FrAejzKTU+1GpI4dGY6puAJval5DlcedWBxsyBxFAT04HdY0pfgF4zpFDTHRj6no
HnEvtF+pNgqX2OTTLCXtMG4r5c7b1yrOPYkM6FS+BjLV2H0X9n3PpvX0qvAqSTn3
RGbkJqHFV4G/DwsWUQQOOXNCthEwhzbT2n7mc+rCtN1WPUu99fGGZusMAqetmVvl
hgUIVPp9+ZHs64BlTzD+xu8e6jyoJ8YoPD9a/r+ENXxHJz6Mr8Jd/E2ZesN5tWpi
sO3ajUx/d158T4jfAvIE8tJGungUgehPVIIR5120nYxHc6gMUAYzirwFptfvSpb8
HWzMnE69KcP9Lnhtgp7fRv+HKpJmrsjOLKyldZzjZlA=
=cetI
-----END PGP SIGNATURE-----
| VAR-201904-1450 | CVE-2018-4398 | plural Apple Updates to product vulnerabilities |
CVSS V2: 5.0 CVSS V3: 7.5 Severity: HIGH |
An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. plural Apple The product has a flaw in the processing of pseudo-random numbers, so there is a vulnerability in the prime number determination method.Information may be tampered with. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple macOS Mojave is a dedicated operating system developed for Mac computers. CoreCrypto is one of the core encryption components. An input validation error vulnerability exists in the CoreCrypto component of several Apple products. The vulnerability stems from the failure of the network system or product to properly validate the input data.
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2018-10-30-1 iOS 12.1
iOS 12.1 is now available and addresses the following:
AppleAVD
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing malicious video via FaceTime may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
Contacts
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted vcf file may lead to a
denial of service
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2018-4365: an anonymous researcher
CoreCrypto
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker may be able to exploit a weakness in the
Miller-Rabin primality test to incorrectly identify prime numbers
Description: An issue existed in the method for determining prime
numbers.
CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of
Royal Holloway, University of London, and Juraj Somorovsky of Ruhr
University, Bochum
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to leak memory
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4366: Natalie Silvanovich of Google Project Zero
FaceTime
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4367: Natalie Silvanovich of Google Project Zero
Graphics Driver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4384: Natalie Silvanovich of Google Project Zero
ICU
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2018-4394: an anonymous researcher
IOHIDFamily
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4427: Pangu Team
IPSec
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2018-4420: Mohamed Ghannam (@_simo36)
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security
Team
Kernel
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4419: Mohamed Ghannam (@_simo36)
Messages
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4390: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
CVE-2018-4391: Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter
NetworkExtension
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Connecting to a VPN server may leak DNS queries to a DNS
proxy
Description: A logic issue was addressed with improved state
management.
CVE-2018-4369: an anonymous researcher
Notes
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to share items from the lock
screen
Description: A lock screen issue allowed access to the share function
on a locked device. This issue was addressed by restricting options
offered on a locked device.
CVE-2018-4388: videosdebarraquito
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A logic issue was addressed with improved validation.
CVE-2018-4374: Ryan Pickren (ryanpickren.com)
Safari Reader
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Enabling the Safari Reader feature on a maliciously crafted
webpage may lead to universal cross site scripting
Description: A cross-site scripting issue existed in Safari.
CVE-2018-4377: Ryan Pickren (ryanpickren.com)
Security
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted S/MIME signed message may
lead to a denial of service
Description: A validation issue was addressed with improved logic.
CVE-2018-4400: Yukinobu Nagayasu of LAC Co., Ltd.
VoiceOver
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A local attacker may be able to view photos from the lock
screen
Description: A lock screen issue allowed access to photos via Reply
With Message on a locked device. This issue was addressed with
improved state management.
CVE-2018-4387: videosdebarraquito
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A logic issue was addressed with improved state
management.
CVE-2018-4385: an anonymous researcher
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4372: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST
Softsec Lab, Korea
CVE-2018-4373: ngg, alippai, DirtYiCE, KT of Tresorit working with
Trend Micro's Zero Day Initiative
CVE-2018-4375: Yu Haiwan and Wu Hongjun From Nanyang Technological
University working with Trend Micro's Zero Day Initiative
CVE-2018-4376: 010 working with Trend Micro's Zero Day Initiative
CVE-2018-4382: lokihardt of Google Project Zero
CVE-2018-4386: lokihardt of Google Project Zero
CVE-2018-4392: zhunki of 360 ESG Codesafe Team
CVE-2018-4416: lokihardt of Google Project Zero
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: A malicious website may be able to cause a denial of service
Description: A resource exhaustion issue was addressed with improved
input validation.
CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH
WebKit
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe
Team
WiFi
Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A denial of service issue was addressed with improved
validation.
CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile
Networking Lab at Technische UniversitA$?t Darmstadt
Additional recognition
Certificate Signing
We would like to acknowledge YiAit Can YILMAZ (@yilmazcanyigit) for
their assistance.
CommonCrypto
We would like to acknowledge an anonymous researcher for their
assistance.
iBooks
We would like to acknowledge Sem VoigtlA$?nder of Fontys Hogeschool
ICT for their assistance.
Security
We would like to acknowledge Marinos Bernitsas of Parachute for their
assistance.
Installation note:
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 12.1".
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlvYkgUpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3HpTw/7
Bkh9bUEddgGUejpnjO1DRiBlHUDQMssF7nG2LM5JOcCDoLkeHSdcr86KnR7VEyYp
qSllLijO9ZzrLtJuZSEelDCi+eL1Ojk3kP/6ZeMRIxDkYItR7EFWQUK71wcInk5k
qPZp2FnKU3qx0Ax7wzQi3GTQk8CZCVWcuCzh0UA0Nc3rgk0bf29+7AKmgiTaT2Ra
Yo4bRIXRuyi+jE39hN4x41vwjSbaxr5EZb9rvL5HT6Idipcoc9aS+sDbsscXjz/5
9WHlwAB5mxeqO3vY5WNlLhOUXXqMVRfPC/qxQocl86r2AE9jJedQFl/p9qpG59we
FrAejzKTU+1GpI4dGY6puAJval5DlcedWBxsyBxFAT04HdY0pfgF4zpFDTHRj6no
HnEvtF+pNgqX2OTTLCXtMG4r5c7b1yrOPYkM6FS+BjLV2H0X9n3PpvX0qvAqSTn3
RGbkJqHFV4G/DwsWUQQOOXNCthEwhzbT2n7mc+rCtN1WPUu99fGGZusMAqetmVvl
hgUIVPp9+ZHs64BlTzD+xu8e6jyoJ8YoPD9a/r+ENXxHJz6Mr8Jd/E2ZesN5tWpi
sO3ajUx/d158T4jfAvIE8tJGungUgehPVIIR5120nYxHc6gMUAYzirwFptfvSpb8
HWzMnE69KcP9Lnhtgp7fRv+HKpJmrsjOLKyldZzjZlA=
=cetI
-----END PGP SIGNATURE-----