PT-2018-16488 · Apple · Swift

Publicado

2018-06-08

Atualizado

2019-10-03

CVE-2018-4220

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Swift versions prior to 4.1.1 Security Update 2018-001

Description The issue involves the "Swift for Ubuntu" component and allows attackers to execute arbitrary code in a privileged context. This is possible because write and execute permissions are enabled during library loading.

Recommendations For versions prior to 4.1.1 Security Update 2018-001, update to Swift 4.1.1 Security Update 2018-001 to resolve the issue. As a temporary workaround, consider restricting the use of the "Swift for Ubuntu" component until the update is applied.

Correção

Incorrect Permission

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-732

Identificadores relacionados

CVE-2018-4220

Produtos afetados

Swift

PT-2018-16488 · Apple · Swift

CVE-2018-4220

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4