CVE-2018-4194

EPSS 0.54%
Published 11.01.2019 18:29:01
Last modified 21.11.2024 04:06:56
Source product-security@apple.com
Teams watchlist Login
Open Login

In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.

Affected products Warnungen 0 Metrics 3 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Apple ≫ iPhone OS Version < 11.4

Apple ≫ macOS X Version >= 10.13.0 < 10.13.5

Apple ≫ watchOS Version < 4.3.1

Apple ≫ iCloud Version < 7.5

Microsoft ≫ Windows

Apple ≫ iTunes Version < 12.7.5

Microsoft ≫ Windows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.54%	0.647

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://support.apple.com/HT208849

Vendor Advisory

https://support.apple.com/HT208848

Vendor Advisory

https://support.apple.com/HT208852

Vendor Advisory

https://support.apple.com/HT208853

Vendor Advisory

https://support.apple.com/HT208851

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-4194

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-4194

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-4194

EUVD