Popis
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, execute arbitrary code and bypass security restrictions.
Below is a complete list of vulnerabilities:
- An unknown vulnerability in CFNetwork can be exploited locally to obtain sensitive information;
- Multiple memory corruption vulnerabilities in WebKit can be exploited remotely to execute arbitrary code;
- A CORS (cross-origin resource sharing) vulnerability can be exploited remotely to bypass security restrictions;
- A type confusion vulnerability in WebKit can be exploited remotely to execute arbitrary code;
- A race condition vulnerability in WebKit can be exploited remotely to cause denial of service;
- Multiple memory corruption vulnerabilities in WebKit can be exploited remotely to cause denial of service.
Oficiální doporučení
Vykořisťování
Public exploits exist for this vulnerability.
Související produkty
seznam CVE
- CVE-2018-4293 high
- CVE-2018-4270 high
- CVE-2018-4278 warning
- CVE-2018-4284 critical
- CVE-2018-4266 high
- CVE-2018-4261 critical
- CVE-2018-4262 critical
- CVE-2018-4263 critical
- CVE-2018-4264 critical
- CVE-2018-4265 critical
- CVE-2018-4267 critical
- CVE-2018-4272 critical
- CVE-2018-4271 high
- CVE-2018-4273 high
Zobrazit více
Zjistěte statistiky zranitelností šířících se ve vaší oblasti statistics.securelist.com
Našli jste v popisu této chyby zabezpečení nepřesnost? Dej nám vědět!