CVE-2018-4146 Information

Feb 14, 2021 cve

Description

An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the \WebKit\ component. It allows attackers to cause a denial of service (memory corruption) via a crafted web site.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Reference

http://www.securitytracker.com/id/1040604 https://security.gentoo.org/glsa/201808-04 https://support.apple.com/HT208693 https://support.apple.com/HT208694 https://support.apple.com/HT208695 https://support.apple.com/HT208696 https://support.apple.com/HT208697 https://support.apple.com/HT208698 https://usn.ubuntu.com/3635-1/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

6.5

Share on: