説明
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, execute arbitrary code and bypass security restrictions.
Below is a complete list of vulnerabilities:
- An unknown vulnerability in CFNetwork can be exploited locally to obtain sensitive information;
- Multiple memory corruption vulnerabilities in WebKit can be exploited remotely to execute arbitrary code;
- A CORS (cross-origin resource sharing) vulnerability can be exploited remotely to bypass security restrictions;
- A type confusion vulnerability in WebKit can be exploited remotely to execute arbitrary code;
- A race condition vulnerability in WebKit can be exploited remotely to cause denial of service;
- Multiple memory corruption vulnerabilities in WebKit can be exploited remotely to cause denial of service.
オリジナルアドバイザリー
エクスプロイテーション
Public exploits exist for this vulnerability.
関連製品
CVEリスト
- CVE-2018-4293 high
- CVE-2018-4270 high
- CVE-2018-4278 warning
- CVE-2018-4284 critical
- CVE-2018-4266 high
- CVE-2018-4261 critical
- CVE-2018-4262 critical
- CVE-2018-4263 critical
- CVE-2018-4264 critical
- CVE-2018-4265 critical
- CVE-2018-4267 critical
- CVE-2018-4272 critical
- CVE-2018-4271 high
- CVE-2018-4273 high
も参照してください
お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com
この脆弱性についての記述に不正確な点がありますか? お知らせください!