An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves a JavaScriptCore function in the "WebKit" component. It allows attackers to trigger an assertion failure by leveraging improper array indexing.
http://www.securitytracker.com/id/1040604
https://security.gentoo.org/glsa/201808-04
https://support.apple.com/HT208693
https://support.apple.com/HT208694
https://support.apple.com/HT208695
https://support.apple.com/HT208696
https://support.apple.com/HT208697
Source: MITRE
Published: 2018-04-03
Updated: 2019-10-03
Type: CWE-617
Base Score: 4.3
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 8.6
Severity: MEDIUM
Base Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 2.8
Severity: MEDIUM