var-201804-1205
Vulnerability from variot
An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the "Sandbox" component. It allows bypass of a sandbox protection mechanism. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to bypass security restrictions, execute arbitrary code and perform unauthorized action; this may aid in launching further attacks. Apple macOS High Sierra is a dedicated operating system developed by Apple for Mac computers. Sandbox is a sandbox system that provides the operating system with a method to limit the use of system resources by applications. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2018-1-23-2 macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan
macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan are now available and address the following:
Audio Available for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2018-4094: Mingi Cho, MinSik Shin, Seoyoung Kim, Yeongho Lee and Taekyoung Kwon of the Information Security Lab, Yonsei University
curl Available for: macOS High Sierra 10.13.2 Impact: Multiple issues in curl Description: An out-of-bounds read issue existed in the curl. This issue was addressed through improved bounds checking. CVE-2017-8817: found by OSS-Fuzz
IOHIDFamily Available for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4098: Siguza
Kernel Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: An application may be able to read kernel memory (Meltdown) Description: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. CVE-2017-5754: Jann Horn of Google Project Zero; Moritz Lipp of Graz University of Technology; Michael Schwarz of Graz University of Technology; Daniel Gruss of Graz University of Technology; Thomas Prescher of Cyberus Technology GmbH; Werner Haas of Cyberus Technology GmbH; Stefan Mangard of Graz University of Technology; Paul Kocher; Daniel Genkin of University of Pennsylvania and University of Maryland; Yuval Yarom of University of Adelaide and Data61; and Mike Hamburg of Rambus (Cryptography Research Division)
Kernel Available for: macOS High Sierra 10.13.2 Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2018-4090: Jann Horn of Google Project Zero
Kernel Available for: macOS High Sierra 10.13.2 Impact: An application may be able to read restricted memory Description: A race condition was addressed through improved locking. CVE-2018-4092: an anonymous researcher
Kernel Available for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2018-4082: Russ Cox of Google
Kernel Available for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved validation. CVE-2018-4097: Resecurity, Inc.
Kernel Available for: macOS High Sierra 10.13.2 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4093: Jann Horn of Google Project Zero
LinkPresentation Available for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6.2 Impact: Processing a maliciously crafted text message may lead to application denial of service Description: A resource exhaustion issue was addressed through improved input validation. CVE-2018-4100: Abraham Masri (@cheesecakeufo)
QuartzCore Available for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of web content. This issue was addressed through improved input validation. CVE-2018-4085: Ret2 Systems Inc. working with Trend Micro's Zero Day Initiative
Sandbox Available for: macOS High Sierra 10.13.2 Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed through additional sandbox restrictions. CVE-2018-4091: Alex Gaynor of Mozilla
Security Available for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6 Impact: A certificate may have name constraints applied incorrectly Description: A certificate evaluation issue existed in the handling of name constraints. This issue was addressed through improved trust evaluation of certificates. CVE-2018-4086: Ian Haken of Netflix
WebKit Available for: macOS High Sierra 10.13.2 Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4088: Jeonghoon Shin of Theori CVE-2018-4089: Ivan Fratric of Google Project Zero CVE-2018-4096: found by OSS-Fuzz
Wi-Fi Available for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6, OS X El Capitan 10.11.6 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4084: Hyung Sup Lee of Minionz, You Chan Lee of Hanyang University
Installation note:
macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlpnnmApHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZaqg/8 DAjzEHmWMZxkSl88DnX/Y9x39DQ1eV6O0Bsg/WQ2r6wZlRDnBOYdJtgJU0I9MjgT JjOj6M/l+YkVS3EJHcdQqAZ6RfSSMvIcRieHJ0Lfj6bfohKRLJxuloFVKar3lAsY fIdzqlFKqWvPY6Neto2iR7ZhTWDW7QiVwbgSR1fleEWEglWtTeJjL6mff73Mqexh 7VngVFIicrbjoFD7uY2dctgkP+no3dcFieyRWF/z8OAmAOIkAc/KMqFyj22DBDq5 hH1j07Eo0RLKMT+nPq3Vgir5JVVR68M4UvDnSDXGHmTRYaM2BT8osWqlehgFQ52F JhqAsJsKP1Mc9WZkly8OvBbZHJcIJryTSqytOOZRQuvg6fXHPOezajcpThTntGiI /YcmaFIt8bZ8c0GbQXTMY8YCJEHtG3zb/z+Wf0sABfzbtCt48e5CQD5HDsoZyiML J84Sbs1Lb5XFYsdZg5iUFukIJRqYwaf69BUgMmFPTOxkBL/KH7m4BmUtLeiStLYN ykdW2TQFEbM6ojPL9HrAyho0wdX2/G4jiemAk22fb/XQ6q9+57RyduE/MDiFW93a 2XcIzxlsRk37ISIPyEkQTF/L/DTMdnhgI+ZIwmaMwU8Hd48MMMg6MIWYctefvnyB a1pVFFlwHCfxBWYSVI2fkKwExlNNYXCOjGsN7TSBfNc= =pc7O -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-1205",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.13.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.13.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.13.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.12.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.12.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.12.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.12.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.12.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.11.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.11.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.12.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.12.4"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.13.1"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.13.2"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.13"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.6"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.5"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.4"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.3"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.2"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12.1"
},
{
"model": "macos",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.12"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.11"
},
{
"model": "security update sierra",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "2018-0010"
},
{
"model": "security update el capitan",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "2018-0010"
},
{
"model": "macos",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.13.3"
}
],
"sources": [
{
"db": "BID",
"id": "102785"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003673"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1096"
},
{
"db": "NVD",
"id": "CVE-2018-4091"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003673"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siguza, Inc., Hyung Sup Lee of Minionz, You Chan Lee of Hanyang University, Resecurity, Alex Gaynor of Mozilla",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-1096"
}
],
"trust": 0.6
},
"cve": "CVE-2018-4091",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-4091",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-134122",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-4091",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-4091",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-4091",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-1096",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-134122",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-4091",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134122"
},
{
"db": "VULMON",
"id": "CVE-2018-4091"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003673"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1096"
},
{
"db": "NVD",
"id": "CVE-2018-4091"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered in certain Apple products. macOS before 10.13.3 is affected. The issue involves the \"Sandbox\" component. It allows bypass of a sandbox protection mechanism. Apple macOS is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to bypass security restrictions, execute arbitrary code and perform unauthorized action; this may aid in launching further attacks. Apple macOS High Sierra is a dedicated operating system developed by Apple for Mac computers. Sandbox is a sandbox system that provides the operating system with a method to limit the use of system resources by applications. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2018-1-23-2 macOS High Sierra 10.13.3,\nSecurity Update 2018-001 Sierra,\nand Security Update 2018-001 El Capitan\n\nmacOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and\nSecurity Update 2018-001 El Capitan are now available and address\nthe following:\n\nAudio\nAvailable for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6\nImpact: Processing a maliciously crafted audio file may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed through improved\ninput validation. \nCVE-2018-4094: Mingi Cho, MinSik Shin, Seoyoung Kim, Yeongho Lee and\nTaekyoung Kwon of the Information Security Lab, Yonsei University\n\ncurl\nAvailable for: macOS High Sierra 10.13.2\nImpact: Multiple issues in curl\nDescription: An out-of-bounds read issue existed in the curl. This\nissue was addressed through improved bounds checking. \nCVE-2017-8817: found by OSS-Fuzz\n\nIOHIDFamily\nAvailable for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6,\nOS X El Capitan 10.11.6\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2018-4098: Siguza\n\nKernel\nAvailable for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6\nImpact: An application may be able to read kernel memory (Meltdown)\nDescription: Systems with microprocessors utilizing speculative\nexecution and indirect branch prediction may allow unauthorized\ndisclosure of information to an attacker with local user access via\na side-channel analysis of the data cache. \nCVE-2017-5754: Jann Horn of Google Project Zero; Moritz Lipp of\nGraz University of Technology; Michael Schwarz of Graz University of\nTechnology; Daniel Gruss of Graz University of Technology;\nThomas Prescher of Cyberus Technology GmbH; Werner Haas of Cyberus\nTechnology GmbH; Stefan Mangard of Graz University of Technology;\nPaul Kocher; Daniel Genkin of University of Pennsylvania and\nUniversity of Maryland; Yuval Yarom of University of Adelaide and\nData61; and Mike Hamburg of Rambus (Cryptography Research Division)\n\nKernel\nAvailable for: macOS High Sierra 10.13.2\nImpact: An application may be able to read restricted memory\nDescription: A memory initialization issue was addressed through\nimproved memory handling. \nCVE-2018-4090: Jann Horn of Google Project Zero\n\nKernel\nAvailable for: macOS High Sierra 10.13.2\nImpact: An application may be able to read restricted memory\nDescription: A race condition was addressed through improved locking. \nCVE-2018-4092: an anonymous researcher\n\nKernel\nAvailable for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6,\nOS X El Capitan 10.11.6\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed through improved\ninput validation. \nCVE-2018-4082: Russ Cox of Google\n\nKernel\nAvailable for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A logic issue was addressed with improved validation. \nCVE-2018-4097: Resecurity, Inc. \n\nKernel\nAvailable for: macOS High Sierra 10.13.2\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2018-4093: Jann Horn of Google Project Zero\n\nLinkPresentation\nAvailable for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6.2\nImpact: Processing a maliciously crafted text message may lead to\napplication denial of service\nDescription: A resource exhaustion issue was addressed through\nimproved input validation. \nCVE-2018-4100: Abraham Masri (@cheesecakeufo)\n\nQuartzCore\nAvailable for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6,\nOS X El Capitan 10.11.6\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A memory corruption issue existed in the processing of\nweb content. This issue was addressed through improved input\nvalidation. \nCVE-2018-4085: Ret2 Systems Inc. working with Trend Micro\u0027s Zero Day\nInitiative\n\nSandbox\nAvailable for: macOS High Sierra 10.13.2\nImpact: A sandboxed process may be able to circumvent sandbox\nrestrictions\nDescription: An access issue was addressed through additional sandbox\nrestrictions. \nCVE-2018-4091: Alex Gaynor of Mozilla\n\nSecurity\nAvailable for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6\nImpact: A certificate may have name constraints applied incorrectly\nDescription: A certificate evaluation issue existed in the handling\nof name constraints. This issue was addressed through improved trust\nevaluation of certificates. \nCVE-2018-4086: Ian Haken of Netflix\n\nWebKit\nAvailable for: macOS High Sierra 10.13.2\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2018-4088: Jeonghoon Shin of Theori\nCVE-2018-4089: Ivan Fratric of Google Project Zero\nCVE-2018-4096: found by OSS-Fuzz\n\nWi-Fi\nAvailable for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6,\nOS X El Capitan 10.11.6\nImpact: An application may be able to read restricted memory\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2018-4084: Hyung Sup Lee of Minionz, You Chan Lee of Hanyang\nUniversity\n\nInstallation note:\n\nmacOS High Sierra 10.13.3, Security Update 2018-001 Sierra,\nand Security Update 2018-001 El Capitan may be obtained from the\nMac App Store or Apple\u0027s Software Downloads web site:\nhttps://support.apple.com/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlpnnmApHHByb2R1Y3Qt\nc2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZaqg/8\nDAjzEHmWMZxkSl88DnX/Y9x39DQ1eV6O0Bsg/WQ2r6wZlRDnBOYdJtgJU0I9MjgT\nJjOj6M/l+YkVS3EJHcdQqAZ6RfSSMvIcRieHJ0Lfj6bfohKRLJxuloFVKar3lAsY\nfIdzqlFKqWvPY6Neto2iR7ZhTWDW7QiVwbgSR1fleEWEglWtTeJjL6mff73Mqexh\n7VngVFIicrbjoFD7uY2dctgkP+no3dcFieyRWF/z8OAmAOIkAc/KMqFyj22DBDq5\nhH1j07Eo0RLKMT+nPq3Vgir5JVVR68M4UvDnSDXGHmTRYaM2BT8osWqlehgFQ52F\nJhqAsJsKP1Mc9WZkly8OvBbZHJcIJryTSqytOOZRQuvg6fXHPOezajcpThTntGiI\n/YcmaFIt8bZ8c0GbQXTMY8YCJEHtG3zb/z+Wf0sABfzbtCt48e5CQD5HDsoZyiML\nJ84Sbs1Lb5XFYsdZg5iUFukIJRqYwaf69BUgMmFPTOxkBL/KH7m4BmUtLeiStLYN\nykdW2TQFEbM6ojPL9HrAyho0wdX2/G4jiemAk22fb/XQ6q9+57RyduE/MDiFW93a\n2XcIzxlsRk37ISIPyEkQTF/L/DTMdnhgI+ZIwmaMwU8Hd48MMMg6MIWYctefvnyB\na1pVFFlwHCfxBWYSVI2fkKwExlNNYXCOjGsN7TSBfNc=\n=pc7O\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4091"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003673"
},
{
"db": "BID",
"id": "102785"
},
{
"db": "VULHUB",
"id": "VHN-134122"
},
{
"db": "VULMON",
"id": "CVE-2018-4091"
},
{
"db": "PACKETSTORM",
"id": "146067"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-4091",
"trust": 3.0
},
{
"db": "BID",
"id": "102785",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1040267",
"trust": 1.8
},
{
"db": "JVN",
"id": "JVNVU99446427",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003673",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1096",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-134122",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-4091",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "146067",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134122"
},
{
"db": "VULMON",
"id": "CVE-2018-4091"
},
{
"db": "BID",
"id": "102785"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003673"
},
{
"db": "PACKETSTORM",
"id": "146067"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1096"
},
{
"db": "NVD",
"id": "CVE-2018-4091"
}
]
},
"id": "VAR-201804-1205",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-134122"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T19:29:11.884000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT208465",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT208465"
},
{
"title": "HT208465",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT208465"
},
{
"title": "Apple macOS High Sierra Sandbox Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78168"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2018/01/24/apple_ios_macos_patches/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-4091"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003673"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1096"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134122"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003673"
},
{
"db": "NVD",
"id": "CVE-2018-4091"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/102785"
},
{
"trust": 1.8,
"url": "https://support.apple.com/ht208465"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1040267"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4091"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4091"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu99446427/index.html"
},
{
"trust": 0.3,
"url": "https://www.apple.com/"
},
{
"trust": 0.3,
"url": "https://lists.apple.com/archives/security-announce/2018/jan/msg00001.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.theregister.co.uk/2018/01/24/apple_ios_macos_patches/"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=56560"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4097"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4084"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4094"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4088"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4092"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8817"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4093"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4096"
},
{
"trust": 0.1,
"url": "https://support.apple.com/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4090"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4085"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4086"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5754"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4082"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4089"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4100"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134122"
},
{
"db": "VULMON",
"id": "CVE-2018-4091"
},
{
"db": "BID",
"id": "102785"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003673"
},
{
"db": "PACKETSTORM",
"id": "146067"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1096"
},
{
"db": "NVD",
"id": "CVE-2018-4091"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-134122"
},
{
"db": "VULMON",
"id": "CVE-2018-4091"
},
{
"db": "BID",
"id": "102785"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-003673"
},
{
"db": "PACKETSTORM",
"id": "146067"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-1096"
},
{
"db": "NVD",
"id": "CVE-2018-4091"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-03T00:00:00",
"db": "VULHUB",
"id": "VHN-134122"
},
{
"date": "2018-04-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4091"
},
{
"date": "2018-01-23T00:00:00",
"db": "BID",
"id": "102785"
},
{
"date": "2018-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003673"
},
{
"date": "2018-01-24T16:59:41",
"db": "PACKETSTORM",
"id": "146067"
},
{
"date": "2018-01-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-1096"
},
{
"date": "2018-04-03T06:29:03.407000",
"db": "NVD",
"id": "CVE-2018-4091"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-134122"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4091"
},
{
"date": "2018-01-23T00:00:00",
"db": "BID",
"id": "102785"
},
{
"date": "2018-06-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-003673"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-1096"
},
{
"date": "2024-11-21T04:06:44.933000",
"db": "NVD",
"id": "CVE-2018-4091"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-1096"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple macOS of Sandbox Vulnerabilities that bypass the sandbox protection mechanism in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-003673"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-1096"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.