Showing 1 - 12 of 12

CVE-2018-4218

Status Candidate

Overview

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers an @generatorState use-after-free.

Related Files

Apple Security Advisory 2018-7-23-5: Posted Jul 23, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-7-23-5 - watchOS 4.3.1 addresses buffer overflow, code execution, and denial of service vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2018-4192, CVE-2018-4198, CVE-2018-4201, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249, CVE-2018-5383; SHA-256 | b2ef5d97a0dd4510c8d65950bb3a0565483a6e3af0f1fedf4e319f255c891d27; Download | Favorite | View

Apple Security Advisory 2018-7-23-3: Posted Jul 23, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-7-23-3 - iOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | cisco, apple, ios; advisories | CVE-2018-4100, CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4201, CVE-2018-4202, CVE-2018-4204, CVE-2018-4211, CVE-2018-4214, CVE-2018-4215, CVE-2018-4218, CVE-2018-4221, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4238, CVE-2018-4239, CVE-2018-4240, CVE-2018-4241; SHA-256 | 857fee29a90629f33ba85af6600e36de596f303b9de4fc96e0cc80eb90fae597; Download | Favorite | View

Apple Security Advisory 2018-7-23-4: Posted Jul 23, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-7-23-4 - tvOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4200, CVE-2018-4201, CVE-2018-4204, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249, CVE-2018-5383; SHA-256 | 414e2fd1f058460610b6e631ce22a9620407a86f8b5f4823842f21a210f09bda; Download | Favorite | View

Ubuntu Security Notice USN-3687-1: Posted Jun 18, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3687-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.; tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss; systems | linux, ubuntu; advisories | CVE-2018-12293, CVE-2018-4190, CVE-2018-4199, CVE-2018-4218, CVE-2018-4222, CVE-2018-4232, CVE-2018-4233; SHA-256 | e98ea598a4eabbb5087a8a2218a2de8f5f9a525c48b0b236080247fe6427f405; Download | Favorite | View

WebKitGTK+ Data Leak / Code Execution: Posted Jun 14, 2018; Authored by WebKitGTK+ Team; Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit that can lead to leaking of sensitive data, code execution, and more. Various 2.20.x versions are affected.; tags | advisory, vulnerability, code execution; advisories | CVE-2018-11646, CVE-2018-11712, CVE-2018-11713, CVE-2018-12293, CVE-2018-12294, CVE-2018-4190, CVE-2018-4192, CVE-2018-4199, CVE-2018-4201, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4232, CVE-2018-4233; SHA-256 | c0220c58b288dbb3089fcc06182e86efa1aa62220a826e40338a53ed4207e04a; Download | Favorite | View

WebKit Generator Use-After-Free: Posted Jun 7, 2018; Authored by Google Security Research, natashenka; WebKit suffers from a use-after-free vulnerability when resuming generator.; tags | exploit; advisories | CVE-2018-4218; SHA-256 | 9d4a97ee75f86513d40f422b4b1daf5e748cac6f104d893f1a126d2c47965dbb; Download | Favorite | View