PT-2021-8853 · Apple · Ios+5

Gustavo Grieco

Published

2021-12-23

Updated

2022-01-05

CVE-2018-4302

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions macOS High Sierra versions prior to 10.13 iCloud for Windows versions prior to 7.0 watchOS versions prior to 4 iOS versions prior to 11 iTunes for Windows versions prior to 12.7

Description A null pointer dereference issue was addressed with improved validation. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.

Recommendations For macOS High Sierra, update to version 10.13 or later. For iCloud for Windows, update to version 7.0 or later. For watchOS, update to version 4 or later. For iOS, update to version 11 or later. For iTunes for Windows, update to version 12.7 or later.

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

CVE-2018-4302

Affected Products

Icloud For Windows

Ios

Itunes

Itunes For Windows

Macos High Sierra

Watchos

PT-2021-8853 · Apple · Ios+5

CVE-2018-4302

Weakness Enumeration

Related Identifiers

Affected Products

References · 8