SB2018103110 - Multiple vulnerabilities in Apple iOS
Published: October 31, 2018
Updated: August 7, 2023
Description
This security bulletin contains information about 31 security vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2018-4365)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists due to an out-of-bounds read in Contacts component when handling malicious input. A remote attacker can trick the victim into processing a specially crafted vcf file, trigger memory corruption and cause the service to crash.
2) Information disclosure (CVE-ID: CVE-2018-4366)
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to a boundary error in FaceTime component when handling malicious input. A remote attacker can trick the victim into processing a specially crafted file, trigger memory corruption and read arbitrary data.
3) Memory corruption (CVE-ID: CVE-2018-4367)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in FaceTime component when handling malicious input. A remote attacker can initiate a FaceTime call, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
4) Improper input validation (CVE-ID: CVE-2018-4368)
The vulnerability allows a remote authenticated attacker to cause a DoS condition on the target system.
The weakness exists due to an error in WiFi component when handling malicious input. A remote attacker can supply a specially crafted input and cause the service to crash.
5) Memory leak (CVE-ID: CVE-2018-4369)
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to a memory leak in NetworkExtension component. A remote attacker can connect to a VPN server and access DNS queries from a DNS proxy.
6) Out-of-bounds read (CVE-ID: CVE-2018-4371)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to an out-of-bounds read in IPSec component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and gain elevated privileges.
7) Memory corruption (CVE-ID: CVE-2018-4372)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
8) Memory corruption (CVE-ID: CVE-2018-4373)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
9) Cross-site scripting (CVE-ID: CVE-2018-4374)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
10) Memory corruption (CVE-ID: CVE-2018-4375)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
11) Memory corruption (CVE-ID: CVE-2018-4376)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
12) Cross-site scripting (CVE-ID: CVE-2018-4377)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
13) Memory corruption (CVE-ID: CVE-2018-4378)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
14) Memory corruption (CVE-ID: CVE-2018-4382)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
15) Memory corruption (CVE-ID: CVE-2018-4384)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in AppleAVD component when handling malicious input. A remote attacker can trick the victim into processing malicious video via FaceTime, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
16) Spoofing attack (CVE-ID: CVE-2018-4385)
The vulnerability allows a remote attacker to conduct a spoofing attack on the target system.
The weakness exists due to improper state management in WebKit component. A remote attacker can trick the victim into visiting a specially crafted website and spoof the address bar.
17) Memory corruption (CVE-ID: CVE-2018-4386)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
18) Information disclosure (CVE-ID: CVE-2018-4387)
The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The weakness exists due to improper state management in VoiceOver component. A local attacker can view photos via Reply With Message from the lock screen.
19) Security restrictions bypass (CVE-ID: CVE-2018-4388)
The vulnerability allows a local attacker to bypass security restrictions on the target system.
The weakness exists due to improper access and privilege controls in Notes component on the lock screen. A local attacker can bypass security restrictions and share items from the lock screen.
20) Spoofing attack (CVE-ID: CVE-2018-4390)
The vulnerability allows a remote attacker to conduct a spoofing attack on the target system.
The weakness exists due to improper state management in Messages component, which results in an inconsistent user interface. A remote attacker can send a specially crafted mail message and spoof the UI.
21) Spoofing attack (CVE-ID: CVE-2018-4391)
The vulnerability allows a remote attacker to conduct a spoofing attack on the target system.
The weakness exists due to improper state management in Messages component, which results in an inconsistent user interface. A remote attacker can send a specially crafted mail message and spoof the UI.
22) Memory corruption (CVE-ID: CVE-2018-4392)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
23) Heap-based buffer overflow (CVE-ID: CVE-2018-4394)
The vulnerability allows a remote attacker to cause a DoS condition or execute arbitrary code on the target system.
The weakness exists due to a boundary error in ICU component when handling malicious input. A remote attacker can trick the victim into processing a specially crafted string, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
24) Information disclosure (CVE-ID: CVE-2018-4398)
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to an error in the Miller-Rabin primality test. A remote attacker can incorrectly identify prime numbers.
25) Improper input validation (CVE-ID: CVE-2018-4400)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists due to an error in Security component when processing a malicious input. A remote attacker can supply a specially crafted S/MIME signed message and cause the service to crash.
26) Resource exhaustion (CVE-ID: CVE-2018-4409)
The vulnerability allows a remote attacker to cause a DoS condition on the target system.
The weakness exists due to resource exhaustion in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, consume excessive resources and cause the service to crash.
27) Information disclosure (CVE-ID: CVE-2018-4413)
The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.
The weakness exists due to a boundary error in Kernel component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and read restricted memory.
28) Memory corruption (CVE-ID: CVE-2018-4416)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in WebKit component when handling malicious input. A remote attacker can trick the victim into visiting a specially crafted website, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
29) Memory corruption (CVE-ID: CVE-2018-4419)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to a boundary error in Kernel component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
30) Memory corruption (CVE-ID: CVE-2018-4420)
The vulnerability allows a local attacker to gain elevated privileges on the target system.
The weakness exists due to a boundary error in Kernel component when handling malicious input. A local attacker can run a specially crafted application, trigger memory corruption and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
31) Memory corruption (CVE-ID: CVE-2018-4427)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a boundary error in IOHIDFamily component when handling malicious input. A remote attacker can trick the victim into processing a specially crafted input, trigger memory corruption and execute arbitrary code with kernel privileges.
Successful exploitation of the vulnerability may result in system compromise.
Remediation
Install the update from the vendor's website.