CVE-2018-4438
HIGHApple Safari < 12.0.2 - Memory Corruption
Title source: ruleDescription
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · htmldosmultiple
https://www.exploit-db.com/exploits/45984
References (6)
Scores
CVSS v3
8.8
EPSS
0.2256
EPSS Percentile
95.9%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (6)
apple/icloud
< 7.9
apple/iphone_os
< 12.1.1
apple/itunes
< 12.9.2
apple/safari
< 12.0.2
apple/tvos
< 12.1.1
apple/watchos
< 5.1.2
Published
Apr 03, 2019
Tracked Since
Feb 18, 2026