CVE-2018-4404
HIGH EXPLOITEDSafari Proxy Object Type Confusion
Title source: metasploitDescription
In iOS before 11.4 and macOS High Sierra before 10.13.5, a memory corruption issue exists and was addressed with improved memory handling.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotemacos
https://www.exploit-db.com/exploits/45998
metasploit
WORKING POC
MANUAL
by saelo · rubypocosx
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/browser/safari_proxy_object_type_confusion.rb
Scores
CVSS v3
8.8
EPSS
0.7023
EPSS Percentile
98.7%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2024-05-29
CWE
CWE-119
Status
published
Products (2)
apple/iphone_os
< 11.4
apple/mac_os_x
10.13.0 - 10.13.5
Published
Jan 11, 2019
Tracked Since
Feb 18, 2026