CVE-2018-4442 – WebKit JSC JIT - GetIndexedPropertyStorage Use-After-Free
https://notcve.org/view.php?id=CVE-2018-4442
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. Un problema de corrupción de memoria se abordó con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12.1.1, tvOS en versiones anteriores a la 12.1.1, watchOS en versiones anteriores a la 5.1.2, Safari en versiones anteriores a la 12.0.2, iTunes para Windows en versiones anteriores a la 12.9.2 y iCloud para Windows en versiones anteriores a la 7.9. The doesGC function simply takes a node, and tells if it might cause a garbage collection. • https://www.exploit-db.com/exploits/46183 https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 https://support.apple.com/kb/HT209344 https://support.apple.com/kb/HT209345 https://support.apple.com/kb/HT209346 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-4443 – WebKit JSC - 'AbstractValue::set' Use-After-Free
https://notcve.org/view.php?id=CVE-2018-4443
A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. Un problema de corrupción de memoria se abordó con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12.1.1, tvOS en versiones anteriores a la 12.1.1, watchOS en versiones anteriores a la 5.1.2, Safari en versiones anteriores a la 12.0.2, iTunes en versiones anteriores a la 12.9.2 y iCloud para Windows en versiones anteriores a la 7.9. WebKit JSC suffers from a use-after-free vulnerability that can be used to bypass write barriers. • https://www.exploit-db.com/exploits/46071 https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 https://support.apple.com/kb/HT209344 https://support.apple.com/kb/HT209345 https://support.apple.com/kb/HT209346 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-4445
https://notcve.org/view.php?id=CVE-2018-4445
"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2. >"Clear History and Website Data" no limpió el historial. Este problema se abordó con una supresión de datos mejorada. • https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209344 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-4437
https://notcve.org/view.php?id=CVE-2018-4437
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9. Se abordaron múltiples problemas de corrupción de memoria con una gestión de memoria mejorada. El problema afectaba a iOS en versiones anteriores a la 12.1.1, tvOS en versiones anteriores a la 12.1.1, watchOS en versiones anteriores a la 5.1.2, Safari en versiones anteriores a la 12.0.2, iTunes para Windows en versiones anteriores a la 12.9.2 y iCloud para Windows en versiones anteriores a la 7.9. • https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209342 https://support.apple.com/kb/HT209343 https://support.apple.com/kb/HT209344 https://support.apple.com/kb/HT209345 https://support.apple.com/kb/HT209346 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-4429
https://notcve.org/view.php?id=CVE-2018-4429
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.1, watchOS 5.1.2. Existía un problema suplantación en la gestión de las URL. Este problema se abordó con una validación de entradas mejorada. • https://support.apple.com/kb/HT209340 https://support.apple.com/kb/HT209343 • CWE-20: Improper Input Validation •