Apple Itunes vulnerabilities

CVE-2018-4416 [HIGH] CWE-119 CVE-2018-4416: Multiple memory corruption issues were addressed with improved memory handling. This issue affected Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

CVE-2018-4306 [HIGH] CWE-416 CVE-2018-4306: A use after free issue was addressed with improved memory management. This issue affected versions p A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

CVE-2018-4328 [HIGH] CWE-119 CVE-2018-4328: Multiple memory corruption issues were addressed with improved memory handling. This issue affected Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

CVE-2018-4319 [HIGH] CWE-346 CVE-2018-4319: A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of se A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

CVE-2018-4398 [HIGH] CWE-20 CVE-2018-4398: An issue existed in the method for determining prime numbers. This issue was addressed by using pseu An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8.

CVE-2018-4145 [HIGH] CWE-119 CVE-2018-4145: Multiple memory corruption issues were addressed with improved memory handling. This issue affected Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.3, tvOS 11.3, watchOS 4.3, Safari 11.1, iTunes 12.7.4 for Windows, iCloud for Windows 7.4.

CVE-2018-4317 [HIGH] CWE-416 CVE-2018-4317: A use after free issue was addressed with improved memory management. This issue affected versions p A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

CVE-2018-4360 [HIGH] CWE-119 CVE-2018-4360: Multiple memory corruption issues were addressed with improved memory handling. This issue affected Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

CVE-2018-4443 [HIGH] CWE-119 CVE-2018-4443: A memory corruption issue was addressed with improved memory handling. This issue affected versions A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.

CVE-2018-4269 [HIGH] CWE-119 CVE-2018-4269: A memory corruption issue was addressed with improved input validation. This issue affected versions A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

CVE-2018-4378 [HIGH] CWE-119 CVE-2018-4378: A memory corruption issue was addressed with improved validation. This issue affected versions prior A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

CVE-2018-4345 [MEDIUM] CWE-79 CVE-2018-4345: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validatio A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

CVE-2018-4377 [MEDIUM] CWE-79 CVE-2018-4377: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validatio A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

CVE-2018-4409 [MEDIUM] CWE-400 CVE-2018-4409: A resource exhaustion issue was addressed with improved input validation. This issue affected versio A resource exhaustion issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

CVE-2018-4374 [MEDIUM] CWE-79 CVE-2018-4374: A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1 A logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

CVE-2018-4440 [MEDIUM] CWE-20 CVE-2018-4440: A logic issue was addressed with improved state management. This issue affected versions prior to iO A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.

CVE-2018-4273 [MEDIUM] CWE-119 CVE-2018-4273: Multiple memory corruption issues were addressed with improved input validation. This issue affected Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

CVE-2018-4293 [MEDIUM] CWE-20 CVE-2018-4293: A cookie management issue was addressed with improved checks. This issue affected versions prior to A cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

CVE-2018-4266 [MEDIUM] CWE-362 CVE-2018-4266: A race condition was addressed with additional validation. This issue affected versions prior toiVer A race condition was addressed with additional validation. This issue affected versions prior toiVersions prior to: OS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

CVE-2018-4271 [MEDIUM] CWE-119 CVE-2018-4271: Multiple memory corruption issues were addressed with improved input validation. This issue affected Multiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.