SB2018012407 - Multiple vulnerabilities in Apple iOS 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018012407

SB2018012407 - Multiple vulnerabilities in Apple iOS

Published: January 24, 2018

Security Bulletin ID SB2018012407
Severity
High
Patch available
YES
Number of vulnerabilities 13
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 38% Low 62%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 13 secuirty vulnerabilities.


1) Memory corruption (CVE-ID: CVE-2018-4082)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to boundary error in the kernel component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with kernel privileges.

Successful exploitation of the vulnerability may result in system compromise.

2) Memory corruption (CVE-ID: CVE-2018-4085)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the QuartzCore component when processing maliciously crafted web content. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

3) Security restrictions bypass (CVE-ID: CVE-2018-4086)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to improper certificate evaluation issue in the handling of name constraints. A remote attacker can bypass security restrictions and cause the Security component to incorrectly apply certificate name constraints.

4) Memory corruption (CVE-ID: CVE-2018-4087)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to boundary error in the Core Bluetooth component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

5) Memory corruption (CVE-ID: CVE-2018-4088)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component when processing maliciously crafted web content. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

6) Memory corruption (CVE-ID: CVE-2018-4089)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component when processing maliciously crafted web content. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

7) Memory corruption (CVE-ID: CVE-2018-4090)

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to boundary error in the kernel component. A local attacker can run a specially crafted application, trigger memory corruption and read restricted memory.

8) Race condition (CVE-ID: CVE-2018-4092)

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to race condition in the kernel component. A local attacker can run a specially crafted application, trigger race condition and read restricted memory.

9) Improper input validation (CVE-ID: CVE-2018-4093)

The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.

The weakness exists due to input validation flaw in the kernel component. A local attacker can run a specially crafted application and read restricted memory.

10) Memory corruption (CVE-ID: CVE-2018-4094)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Audio component when processing maliciously crafted web content. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

11) Memory corruption (CVE-ID: CVE-2018-4095)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The weakness exists due to boundary error in the Core Bluetooth component. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

12) Memory corruption (CVE-ID: CVE-2018-4096)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the WebKit component when processing maliciously crafted web content. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability may result in system compromise.

13) Resource exhaustion (CVE-ID: CVE-2018-4100)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to input validation flaw in the LinkPresentation component. A remote attacker can send a specially crafted text message, consume all available resources and cause the application to crash.

Remediation

Install update from vendor's website.

References