Multiple vulnerabilities in Apple iOS

Published: 2018-07-11 15:14:43 | Updated: 2018-07-11 15:20:12
Severity High
Patch available YES
Number of vulnerabilities 22
CVE ID CVE-2018-4248
CVE-2018-4260
CVE-2018-4261
CVE-2018-4262
CVE-2018-4263
CVE-2018-4264
CVE-2018-4265
CVE-2018-4266
CVE-2018-4267
CVE-2018-4270
CVE-2018-4271
CVE-2018-4272
CVE-2018-4273
CVE-2018-4274
CVE-2018-4275
CVE-2018-4277
CVE-2018-4278
CVE-2018-4280
CVE-2018-4282
CVE-2018-4284
CVE-2018-4290
CVE-2018-4293
CVSSv3 2.9 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
3.8 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
5.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
5.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
5.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
5.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
5.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
3.8 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
4.6 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
3.8 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
5.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
6.8 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
2.9 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
8.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
5.7 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
4.6 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CWE ID CWE-125
CWE-451
CWE-119
CWE-362
CWE-264
Exploitation vector Network
Public exploit Not available
Vulnerable software Apple iOS
Vulnerable software versions Apple iOS 11.4
Apple iOS 11.3.1
Apple iOS 11.3
Vendor URL Apple Inc.

Security Advisory

1) Out-of-bounds read

Description

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to insufficient validation of user-supplied input. A local attacker can run a specially crafted application, trigger out-of-bounds read and read restricted memory.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

2) Spoofing attack

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to improper state management. A remote attacker can trick the victim into visiting a specially crafted website and spoof the address bar.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

3) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

4) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

5) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

6) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

7) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

8) Race condition

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to race condition when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website and cause the service to crash.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

9) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

10) Memory corruption

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

11) Memory corruption

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

12) Memory corruption

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

13) Memory corruption

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and cause the service to crash.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

14) Spoofing attack

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to insufficient input validation. A remote attacker can trick the victim into visiting a specially crafted website and spoof the address bar.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

15) Security restrictions bypass

Description

The vulnerability allows a local attacker to bypass security restrictions on the target system.

The vulnerability exists due to boundary error when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and break out of the sandbox.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

16) Spoofing attack

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to a spoofing issue in the handling of URLs. A remote attacker can trick the victim into loading a specially crafted web content and spoof the address bar.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

17) Security restrictions bypass

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The vulnerability exists due to improper audio taint tracking. A remote attacker can trick the victim into visiting a specially crafted website, bypass security restrictions and exfiltrate audio data cross-origin.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

18) Memory corruption

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to boundary error when processing malicious application. A local attacker can use a specially crafted application, trigger memory corruption and gain elevated privileges.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

19) Out-of-bounds read

Description

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to improper input validation. A local attacker can run a specially crafted application, trigger out-of-bounds read and read kernel memory.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

20) Memory corruption

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with elevated privileges.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

21) Memory corruption

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to boundary error when processing an emoji under certain configurations. A remote attacker can trick the victim into opening a specially crafted input, trigger memory corruption and cause the service to crash.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

22) Security restrictions bypass

Description

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to an error in cookie management. A local attacker can run a specially crafted application and cause cookies unexpectedly persist in Safari.

Remediation

Update to version 11.4.1.

External links

https://support.apple.com/en-us/HT208938

Back to List