CVE-2018-4191Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Icloud

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer12 documents7 sources
Severity
8.8HIGHNVD
EPSS
0.9%
top 24.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Apple IcloudApple Iphone OSApple Itunes+3 more
Timeline
PublishedApr 3
Latest updateMay 14

Description

A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages6 packages

NVDapple/tvos< 12
NVDapple/icloud< 7.7
NVDapple/itunes< 12.9
NVDapple/safari< 12
NVDapple/watchos< 5.0

🔴Vulnerability Details

3
GHSA
GHSA-33mm-hrgw-4v3f: A memory corruption issue was addressed with improved validation2022-05-14
OSV
CVE-2018-4191: A memory corruption issue was addressed with improved validation2019-04-03
CVEList
CVE-2018-4191: A memory corruption issue was addressed with improved validation2019-04-03

📋Vendor Advisories

8
Apple
CVE-2018-4191: iCloud for Windows 7.72018-10-08
Ubuntu
WebKitGTK+ vulnerabilities2018-10-03
Apple
CVE-2018-4191: iOS 122018-09-17
Apple
CVE-2018-4191: tvOS 122018-09-17
Apple
CVE-2018-4191: Safari 122018-09-17
CVE-2018-4191 — Apple Icloud vulnerability | cvebase