Main Vulnerability Database Exploits ID:2084 - Exploit for Memory corruption in macOS - CVE-2018-4331

ID:2084 - Exploit for Memory corruption in macOS - CVE-2018-4331

Published: March 18, 2020

Vulnerability identifier: #VU15591

Vulnerability risk: High

CVE-ID: CVE-2018-4331

CWE-ID: CWE-119

Exploitation vector: Remote access

Vulnerable software:
macOS

Link to public exploit:

https://github.com/bazad/gsscred-race

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in Heimdal component when handling malicious input. A remote attacker can trick the victim into processing a specially crafted input, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.

Remediation

Update to version 10.14.1.

ID:2084 - Exploit for Memory corruption in macOS - CVE-2018-4331

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human