CVE-2018-4318 – WebKit - 'WebCore::SVGTextLayoutAttributes::context' Use-After-Free
https://notcve.org/view.php?id=CVE-2018-4318
A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Se abordó un problema de uso de memoria previamente liberada con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12, tvOS en versiones anteriores a la 12, Safari en versiones anteriores a la 12, iTunes para Windows en versiones anteriores a la 12.9 y iCloud para Windows en versiones anteriores a la 7.7. WebKit suffers from a WebCore::SVGTextLayoutAttributes::context use-after-free vulnerability. • https://www.exploit-db.com/exploits/45488 https://support.apple.com/kb/HT209106 https://support.apple.com/kb/HT209107 https://support.apple.com/kb/HT209109 https://support.apple.com/kb/HT209140 https://support.apple.com/kb/HT209141 • CWE-416: Use After Free •
CVE-2018-4323 – WebKit - 'WebCore::RenderMultiColumnSet::updateMinimumColumnHeight' Use-After-Free
https://notcve.org/view.php?id=CVE-2018-4323
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Se abordaron múltiples problemas de corrupción de memoria con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12, tvOS en versiones anteriores a la 12, Safari en versiones anteriores a la 12, iTunes para Windows en versiones anteriores a la 12.9 y iCloud para Windows en versiones anteriores a la 7.7. WebKit suffers from a WebCore::RenderMultiColumnSet::updateMinimumColumnHeight use-after-free vulnerability. • https://www.exploit-db.com/exploits/45484 https://support.apple.com/kb/HT209106 https://support.apple.com/kb/HT209107 https://support.apple.com/kb/HT209109 https://support.apple.com/kb/HT209140 https://support.apple.com/kb/HT209141 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-4328 – WebKit - 'WebCore::InlineTextBox::paint' Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2018-4328
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7. Se abordaron múltiples problemas de corrupción de memoria con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12, tvOS en versiones anteriores a la 12, Safari en versiones anteriores a la 12, iTunes para Windows en versiones anteriores a la 12.9 y iCloud para Windows en versiones anteriores a la 7.7. WebKit suffers from a WebCore::InlineTextBox::paint out-of-bounds read vulnerability. • https://www.exploit-db.com/exploits/45483 https://support.apple.com/kb/HT209106 https://support.apple.com/kb/HT209107 https://support.apple.com/kb/HT209109 https://support.apple.com/kb/HT209140 https://support.apple.com/kb/HT209141 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-4344 – Apple Multiple Products Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2018-4344
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5. Un problema de corrupción de memoria se abordó con una gestión de memoria mejorada. Este problema afectaba a versiones anteriores a iOS en versiones anteriores a la 12, macOS Mojave en versiones anteriores a la 10.14, tvOS en versiones anteriores a la 12, watchOS en versiones anteriores a la 5. Apple iOS, macOS, tvOS, and watchOS contain a memory corruption vulnerability which can allow for code execution. • https://support.apple.com/kb/HT209106 https://support.apple.com/kb/HT209107 https://support.apple.com/kb/HT209108 https://support.apple.com/kb/HT209139 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-4321
https://notcve.org/view.php?id=CVE-2018-4321
A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12. Existía un problema de validación en la verificación de autorización. Este problema se abordó con una validación mejorada de la autorización de procesos. • https://support.apple.com/kb/HT209106 https://support.apple.com/kb/HT209107 https://support.apple.com/kb/HT209139 • CWE-20: Improper Input Validation •