var-201904-1464
Vulnerability from variot
A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. Apple macOS Mojave is a set of dedicated operating systems developed by Apple for Mac computers. Intel Graphics Driver is one of the integrated graphics drivers. A buffer error vulnerability exists in the Intel Graphics Driver component of Apple macOS Mojave prior to 10.14. An attacker could exploit this vulnerability to execute arbitrary code with system privileges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201904-1464",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mac os x",
"scope": "lt",
"trust": 1.8,
"vendor": "apple",
"version": "10.14"
},
{
"model": "icloud",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "for windows 7.8 earlier"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "12.1 earlier"
},
{
"model": "itunes",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "12.9.1 earlier"
},
{
"model": "macos high sierra",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "(security update 2018-001 not applied )"
},
{
"model": "macos mojave",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.14.1 earlier"
},
{
"model": "macos sierra",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "(security update 2018-005 not applied )"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "12.0.1 earlier"
},
{
"model": "tvos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "12.1 earlier"
},
{
"model": "watchos",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "5.1 earlier"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "10.13.6"
},
{
"model": "macos mojave",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.14 earlier"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008908"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015001"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"db": "NVD",
"id": "CVE-2018-4350"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:apple:icloud",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:itunes",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_high_sierra",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_mojave",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_sierra",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:apple_tv",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:watchos",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008908"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yu Wang of Didi Research America",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-1474"
}
],
"trust": 0.6
},
"cve": "CVE-2018-4350",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-4350",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-134381",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2018-4350",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-4350",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-4350",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-1474",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-134381",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-4350",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134381"
},
{
"db": "VULMON",
"id": "CVE-2018-4350"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015001"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1474"
},
{
"db": "NVD",
"id": "CVE-2018-4350"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14. Apple Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: Detail is Apple See the information provided by. * HTTP Through the client AFP Server attack * Arbitrary code execution * information leak * Buffer overflow * Privilege escalation * Service operation interruption (DoS) * File system tampering * UI Spoofing * Limit avoidance * Cross-site scripting * Address bar impersonation. Apple macOS Mojave is a set of dedicated operating systems developed by Apple for Mac computers. Intel Graphics Driver is one of the integrated graphics drivers. A buffer error vulnerability exists in the Intel Graphics Driver component of Apple macOS Mojave prior to 10.14. An attacker could exploit this vulnerability to execute arbitrary code with system privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-4350"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008908"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015001"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"db": "VULHUB",
"id": "VHN-134381"
},
{
"db": "VULMON",
"id": "CVE-2018-4350"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-4350",
"trust": 2.6
},
{
"db": "JVN",
"id": "JVNVU96365720",
"trust": 1.6
},
{
"db": "JVN",
"id": "JVNVU99356481",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008908",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015001",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007762",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1474",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-134381",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-4350",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134381"
},
{
"db": "VULMON",
"id": "CVE-2018-4350"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008908"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015001"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1474"
},
{
"db": "NVD",
"id": "CVE-2018-4350"
}
]
},
"id": "VAR-201904-1464",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-134381"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:23:11.007000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "About the security content of macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, Security Update 2018-005 Sierra",
"trust": 1.6,
"url": "https://support.apple.com/en-us/HT209193"
},
{
"title": "HT209139",
"trust": 1.6,
"url": "https://support.apple.com/en-us/HT209139"
},
{
"title": "About the security content of iTunes 12.9.1",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT209197"
},
{
"title": " About the security content of iCloud for Windows 7.8 ",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT209198"
},
{
"title": "About the security content of Safari 12.0.1",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT209196"
},
{
"title": " About the security content of tvOS 12.1",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT209194"
},
{
"title": " About the security content of iOS 12.1",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT209192"
},
{
"title": " About the security content of watchOS 5.1",
"trust": 0.8,
"url": "https://support.apple.com/en-us/HT209195"
},
{
"title": "HT209139",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT209139"
},
{
"title": "HT209193",
"trust": 0.8,
"url": "https://support.apple.com/ja-jp/HT209193"
},
{
"title": "Apple macOS High Sierra Intel Graphics Driver Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86452"
},
{
"title": "kemon",
"trust": 0.1,
"url": "https://github.com/didi/kemon "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-4350"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008908"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015001"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1474"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134381"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015001"
},
{
"db": "NVD",
"id": "CVE-2018-4350"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht209139"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht209193"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-4350"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu96365720/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4350"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu99356481/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu96365720/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu99356481/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/didi/kemon"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-134381"
},
{
"db": "VULMON",
"id": "CVE-2018-4350"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008908"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015001"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1474"
},
{
"db": "NVD",
"id": "CVE-2018-4350"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-134381"
},
{
"db": "VULMON",
"id": "CVE-2018-4350"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008908"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-015001"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1474"
},
{
"db": "NVD",
"id": "CVE-2018-4350"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-03T00:00:00",
"db": "VULHUB",
"id": "VHN-134381"
},
{
"date": "2019-04-03T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4350"
},
{
"date": "2018-11-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008908"
},
{
"date": "2019-04-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015001"
},
{
"date": "2018-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"date": "2018-10-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-1474"
},
{
"date": "2019-04-03T18:29:09.627000",
"db": "NVD",
"id": "CVE-2018-4350"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-05T00:00:00",
"db": "VULHUB",
"id": "VHN-134381"
},
{
"date": "2019-04-05T00:00:00",
"db": "VULMON",
"id": "CVE-2018-4350"
},
{
"date": "2018-11-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008908"
},
{
"date": "2019-04-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-015001"
},
{
"date": "2018-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-007762"
},
{
"date": "2019-04-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-1474"
},
{
"date": "2024-11-21T04:07:14.710000",
"db": "NVD",
"id": "CVE-2018-4350"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-1474"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Apple Updates to product vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008908"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-1474"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…