CVE-2018-4437

CVE-2018-4437

Name

CVE-2018-4437

Description

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.

NVD Severity

high

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Vendor Advisory	https://support.apple.com/kb/HT209346
Vendor Advisory	https://support.apple.com/kb/HT209345
Vendor Advisory	https://support.apple.com/kb/HT209344
Vendor Advisory	https://support.apple.com/kb/HT209343
Vendor Advisory	https://support.apple.com/kb/HT209342
Vendor Advisory	https://support.apple.com/kb/HT209340

Type

URI

Vendor Advisory

https://support.apple.com/kb/HT209346

Vendor Advisory

https://support.apple.com/kb/HT209345

Vendor Advisory

https://support.apple.com/kb/HT209344

Vendor Advisory

https://support.apple.com/kb/HT209343

Vendor Advisory

https://support.apple.com/kb/HT209342

Vendor Advisory

https://support.apple.com/kb/HT209340

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:o:apple:iphone_os::::::::`	iphone_os	>= None	< 12.1.1
`cpe:2.3:o:apple:watchos::::::::`	watchos	>= None	< 5.1.2
`cpe:2.3:o:apple:tvos::::::::`	tvos	>= None	< 12.1.1
`cpe:2.3:a:apple:safari::::::::`	safari	>= None	< 12.0.2

CPE URI

Source package

Min version

Max version

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

iphone_os

>= None

< 12.1.1

cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

watchos

>= None

< 5.1.2

cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

tvos

>= None

< 12.1.1

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

safari

>= None

< 12.0.2

References

Match rules

Vulnerable and fixed packages