CVE-2018-4456
Apple Security Advisory 2019-5-13-2
Severity Score
7.8
*CVSS v3
Exploit Likelihood
< 1%
*EPSS
Affected Versions
1
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6, macOS Mojave 10.14.
Un problema de corrupción de memoria se abordó con una validación de entradas mejorada. Este problema afectaba a macOS High Sierra en versiones anteriores a la 10.13.6 y macOS Mojave en versiones anteriores a la 10.14.
macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra are now available and addresses bypass and code execution vulnerabilities.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-01-02 CVE Reserved
- 2019-04-03 CVE Published
- 2024-08-05 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/fulldisclosu... | Mailing List |
|
| https://seclists.org/bugtraq/201... | Mailing List |
|
| https://support.apple.com/kb/HT2... | X_refsource_confirm |
|
1 - 3 of 3
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.apple.com/kb/HT208937 | 2019-05-14 | |
| https://support.apple.com/kb/HT209139 | 2019-05-14 | |
| https://support.apple.com/kb/HT209341 | 2019-05-14 |
1 - 3 of 3