Memory Corruption Vulnerability in iCloud for Windows, Safari, and iTunes by Apple
CVE-2018-4147

9.8CRITICAL

Key Information:

Vendor

Apple
Status
iPhone OS
Safari
Vendor
CVE Published:
11 January 2019

What is CVE-2018-4147?

Multiple memory corruption issues have been identified in Apple's iCloud for Windows, Safari, and iTunes products. These vulnerabilities, existing in various versions prior to the specified updates, can potentially allow an attacker to execute arbitrary code or cause unexpected behavior due to improper memory handling. Apple has addressed these concerns with improved memory management in later updates, emphasizing the importance of keeping your software up to date to mitigate potential security risks.

References

https://support.apple.com/HT208473
x_refsource_MISC
https://support.apple.com/HT208474
x_refsource_MISC
https://support.apple.com/HT208475
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2018-4147 : Memory Corruption Vulnerability in iCloud for Windows, Safari, and iTunes by Apple