PT-2018-16532 · Apple+2 · Itunes For Windows+7

John Pettitt

Published

2018-09-28

Updated

2024-06-15

CVE-2018-4319

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions iOS versions prior to 12 watchOS versions prior to 5 Safari versions prior to 12 iTunes for Windows versions prior to 12.9 iCloud for Windows versions prior to 7.7

Description A cross-origin issue existed with "iframe" elements. This issue was addressed with improved tracking of security origins.

Recommendations For iOS versions prior to 12, update to version 12 or later. For watchOS versions prior to 5, update to version 5 or later. For Safari versions prior to 12, update to version 12 or later. For iTunes for Windows versions prior to 12.9, update to version 12.9 or later. For iCloud for Windows versions prior to 7.7, update to version 7.7 or later.

Fix

Origin Validation Error

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-346

Related Identifiers

CVE-2018-4319

OPENSUSE-SU-2019:0081-1

OPENSUSE-SU-2019_0068-1

OPENSUSE-SU-2019_0081-1

OPENSUSE-SU-2024:11506-1

SUSE-SU-2019:0059-1

SUSE-SU-2019:0092-1

USN-3781-1

USN-3781-2

Affected Products

Safari

Suse

Ubuntu

Icloud For Windows

Ios

Itunes

Itunes For Windows

Watchos

PT-2018-16532 · Apple+2 · Itunes For Windows+7

CVE-2018-4319

Weakness Enumeration

Related Identifiers

Affected Products

References · 214