CVE-2018-4444

Published: Oct 27, 2020Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

A logic issue was addressed with improved state management. This issue is fixed in Safari 12.0.2, iOS 12.1.1, tvOS 12.1.1, iTunes 12.9.2 for Windows. Processing maliciously crafted web content may disclose sensitive user information.

Affected (4)

Products: Apple: Iphone Os, Itunes, Safari, Tvos

4 products

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Before 12.1.1
Apple Itunes	Before 12.9.2
Apple Safari	Before 12.0.2
Apple Tvos	Before 12.1.1

References (8)

https://support.apple.com/en-us/HT209340

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT209342

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT209344

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT209345

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/HT209340

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT209342

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT209344

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT209345

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.