説明
Multiple serious vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, bypass security restrictions, perform cross-site scripting attack, read local files.
Below is a complete list of vulnerabilities:
- Assert failure vulnerability in WebKit can be exploited locally to cause denial of service;
- Vulnerability related to SecurityErrors can be exploited locally to gain privileges;
- Vulnerability in WebKit can be exploited remotely via specially crafted website to execute arbitrary code;
- Vulnerability related to iframe elements can be exploited to bypass security restrictions;
- A cross-site scripting vulnerability can be exploited to execute scripts in the context of another website;
- Multiple memory corruption vulnerabilities can be exploited to execute arbitrary code;
- A cross-site scripting vulnerability can be exploited to read local files.
オリジナルアドバイザリー
エクスプロイテーション
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
関連製品
CVEリスト
- CVE-2018-4191 high
- CVE-2018-4311 high
- CVE-2018-4316 high
- CVE-2018-4299 high
- CVE-2018-4323 high
- CVE-2018-4328 high
- CVE-2018-4358 high
- CVE-2018-4359 high
- CVE-2018-4319 high
- CVE-2018-4309 warning
- CVE-2018-4197 high
- CVE-2018-4306 high
- CVE-2018-4312 high
- CVE-2018-4314 high
- CVE-2018-4315 high
- CVE-2018-4317 high
- CVE-2018-4318 high
- CVE-2018-4345 warning
- CVE-2018-4361 high
も参照してください
お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com
この脆弱性についての記述に不正確な点がありますか? お知らせください!