CVE-2018-4447

HIGH
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.

References

https://support.apple.com/kb/HT209340

https://support.apple.com/kb/HT209341

https://support.apple.com/kb/HT209342

https://support.apple.com/kb/HT209343

Details

Source: MITRE

Published: 2019-04-03

Updated: 2019-04-05

Type: CWE-119

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

View all (7 total)

IDNameProductFamilySeverity
700555Apple iOS < 12.1.1 Multiple Vulnerabilities (APPLE-SA-2018-12-05-1)Nessus Network MonitorMobile Devices
medium
700520macOS 10.14.x < 10.14.2 Multiple VulnerabilitiesNessus Network MonitorOperating System Detection
critical
119842macOS 10.13.6 Multiple Vulnerabilities (Security Update 2018-003)NessusMacOS X Local Security Checks
high
119841macOS 10.14.x < 10.14.2 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
high
119840macOS and Mac OS X Multiple Vulnerabilities (Security Update 2018-006)NessusMacOS X Local Security Checks
high
119839Apple TV < 12.1.1 Multiple VulnerabilitiesNessusMisc.
high
119610Apple iOS < 12.1.1 Multiple VulnerabilitiesNessusMobile Devices
high