CVE-2018-4269Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Icloud

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents4 sources
Severity
8.6HIGHNVD
EPSS
0.4%
top 39.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Apple IcloudApple Iphone OSApple Itunes+3 more
Timeline
PublishedApr 3
Latest updateMay 14

Description

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:HExploitability: 1.8 | Impact: 6.0

Affected Packages6 packages

NVDapple/tvos< 11.4.1
NVDapple/icloud< 7.6
NVDapple/itunes< 12.8
NVDapple/watchos< 4.3.2
NVDapple/safari< 11.1.2

🔴Vulnerability Details

2
GHSA
GHSA-xc8x-5h28-hgg8: A memory corruption issue was addressed with improved input validation2022-05-14
CVEList
CVE-2018-4269: A memory corruption issue was addressed with improved input validation2019-04-03

📋Vendor Advisories

4
Apple
CVE-2018-4269: watchOS 4.3.22018-07-09
Apple
CVE-2018-4269: tvOS 11.4.12018-07-09
Apple
CVE-2018-4269: iCloud for Windows 7.62018-07-09
Apple
CVE-2018-4269: macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan2018-07-09
CVE-2018-4269 — Apple Icloud vulnerability | cvebase