Kaspersky ID:
KLA11282
Дата обнаружения:
29/05/2018
Обновлено:
06/07/2026

Описание

Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface and obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. An out-of-bounds read vulnerability in CoreGraphics can be exploited remotely via specially crafted website to execute arbitrary code;
  2. Unspecified vulnerabilities can be exploited locally to obtain sensitive information;
  3. A race condition vulnerability in WebKit can be exploited remotely via specially crafted website to execute arbitrary code;
  4. A type confussion vulnerability in WebKit can be exploited remotely via specially crafted website to execute arbitrary code;
  5. Multiple memory corruption vulnerabilities in WebKit can be exploited remotely via specially crafted website to execute arbitrary code;
  6. An unspecified vulnerability in WebKit can be exploited remotely via specially crafted website to spoof user interface;
  7. A buffer overflow vulnerability in WebKit can be exploited remotely via specially crafted website to execute arbitrary code;
  8. An unspecified vulnerability in WebKit can be exploited remotely via specially crafted website to obtain sensitive information;
  9. An out-of-bounds read vulnerability in WebKit can be exploited remotely via specially crafted website to execute arbitrary code.

Первичный источник обнаружения

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

  • CVE-2018-4194
    critical
  • CVE-2018-4218
    critical
  • CVE-2018-4246
    critical
  • CVE-2018-4222
    critical
  • CVE-2018-4224
    high
  • CVE-2018-4225
    high
  • CVE-2018-4226
    high
  • CVE-2018-4232
    warning
  • CVE-2018-4233
    critical
  • CVE-2018-4188
    high
  • CVE-2018-4190
    critical
  • CVE-2018-4192
    critical
  • CVE-2018-4199
    critical
  • CVE-2018-4200
    critical
  • CVE-2018-4201
    critical
  • CVE-2018-4204
    critical
  • CVE-2018-4214
    critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Do you want to save your changes?
Your message has been sent successfully.