CVE-2018-4147

CRITICAL

Safari < 11.0.3 - Memory Corruption

Title source: llm
STIX 2.1

Description

In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory corruption issues exist and were addressed with improved memory handling.

References (5)

Core 5
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/HT208473
Vendor Advisory x_refsource_misc
https://support.apple.com/HT208474
Vendor Advisory x_refsource_misc
https://support.apple.com/HT208475
Vendor Advisory x_refsource_misc
https://support.apple.com/HT208465
Vendor Advisory x_refsource_confirm
https://support.apple.com/HT208463

Scores

CVSS v3 9.8
EPSS 0.0154
EPSS Percentile 71.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (4)
apple/icloud < 7.3
apple/iphone_os < 11.2.5
apple/itunes < 12.7.3
apple/safari < 11.0.3
Published Jan 11, 2019
Tracked Since Feb 18, 2026