what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2018-4416

Status Candidate

Overview

Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.

Related Files

WebKit JSC JIT JSPropertyNameEnumerator Type Confusion
Posted Nov 30, 2018
Authored by Google Security Research, lokihardt

When a for-in loop is executed, a JSPropertyNameEnumerator object is created at the beginning and used to store the information of the input object to the for-in loop. Inside the loop, the structure ID of the "this" object of every get_by_id expression taking the loop variable as the index is compared to the cached structure ID from the JSPropertyNameEnumerator object. If it's the same, the "this" object of the get_by_id expression will be considered having the same structure as the input object to the for-in loop has. The problem is, it doesn't have anything to prevent the structure from which the cached structure ID from being freed. As structure IDs can be reused after their owners get freed, this can lead to type confusion.

tags | exploit
advisories | CVE-2018-4416
SHA-256 | 8f4f4959d722f37276fc6cd1ba9725d214fa2d1eafa97af721346d7487bda487
WebKitGTK+ / WPE WebKit Code Execution / Cross Site Scripting
Posted Nov 22, 2018
Authored by WebKitGTK+ Team

WebKitGTK+ and WPE WebKit suffer from code execution, cross site scripting, and various other vulnerabilities.

tags | advisory, vulnerability, code execution, xss
advisories | CVE-2018-4345, CVE-2018-4372, CVE-2018-4373, CVE-2018-4375, CVE-2018-4376, CVE-2018-4378, CVE-2018-4382, CVE-2018-4386, CVE-2018-4392, CVE-2018-4416
SHA-256 | 767e5dec630fcfe59774e5347356e1118ee764c436f4980d89aeec4248315329
Apple Security Advisory 2018-10-30-7
Posted Oct 31, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-10-30-7 - iCloud for Windows 7.8 is now available and addresses code execution, cross site scripting, denial of service, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | windows, apple
advisories | CVE-2018-4372, CVE-2018-4373, CVE-2018-4374, CVE-2018-4375, CVE-2018-4376, CVE-2018-4377, CVE-2018-4378, CVE-2018-4382, CVE-2018-4386, CVE-2018-4392, CVE-2018-4398, CVE-2018-4409, CVE-2018-4416
SHA-256 | 0f2c1d4a22391c68b429a821b01e477865094f08d5a9098b4cf5e635c4add03b
Apple Security Advisory 2018-10-30-5
Posted Oct 31, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-10-30-5 - tvOS 12.1 is now available and addresses code execution, denial of service, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2018-4368, CVE-2018-4369, CVE-2018-4371, CVE-2018-4372, CVE-2018-4378, CVE-2018-4382, CVE-2018-4386, CVE-2018-4392, CVE-2018-4394, CVE-2018-4398, CVE-2018-4409, CVE-2018-4413, CVE-2018-4416, CVE-2018-4419, CVE-2018-4420
SHA-256 | e6780863e9995b96363ff9c2d4ba7998a18cb5cfc0e6cfe9ed734a006e414100
Apple Security Advisory 2018-10-30-6
Posted Oct 31, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-10-30-6 - iTunes 12.9.1 is now available and addresses code execution, cross site scripting, denial of service, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | apple
advisories | CVE-2018-4372, CVE-2018-4373, CVE-2018-4374, CVE-2018-4375, CVE-2018-4376, CVE-2018-4377, CVE-2018-4378, CVE-2018-4382, CVE-2018-4386, CVE-2018-4392, CVE-2018-4394, CVE-2018-4398, CVE-2018-4409, CVE-2018-4416
SHA-256 | b83b5516c643e427bfbcad08d53b7c2b642db6c49c0df0bd95651d56e0fa3b7c
Apple Security Advisory 2018-10-30-4
Posted Oct 31, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-10-30-4 - watchOS 5.1 is now available and addresses code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | apple
advisories | CVE-2018-4368, CVE-2018-4369, CVE-2018-4371, CVE-2018-4372, CVE-2018-4373, CVE-2018-4374, CVE-2018-4375, CVE-2018-4376, CVE-2018-4377, CVE-2018-4378, CVE-2018-4382, CVE-2018-4384, CVE-2018-4386, CVE-2018-4392, CVE-2018-4394, CVE-2018-4398, CVE-2018-4400, CVE-2018-4413, CVE-2018-4416, CVE-2018-4419, CVE-2018-4420
SHA-256 | 5f0d2857f7fda2b0ead56a90ba332bcf54ad8599c15943b3e0a2dd9318b61758
Apple Security Advisory 2018-10-30-3
Posted Oct 31, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-10-30-3 - Safari 12.0.1 is now available and addresses code execution, cross site scripting, denial of service, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | apple
advisories | CVE-2018-4372, CVE-2018-4373, CVE-2018-4374, CVE-2018-4375, CVE-2018-4376, CVE-2018-4377, CVE-2018-4378, CVE-2018-4382, CVE-2018-4386, CVE-2018-4392, CVE-2018-4409, CVE-2018-4416
SHA-256 | 74e565ad09fafb02ea859d2bbeaf901f30f795b6a23fdbc0902acc87f1c428af
Apple Security Advisory 2018-10-30-1
Posted Oct 31, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-10-30-1 - iOS 12.1 is now available and addresses code execution, cross site scripting, denial of service, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | apple, ios
advisories | CVE-2018-4365, CVE-2018-4366, CVE-2018-4367, CVE-2018-4368, CVE-2018-4369, CVE-2018-4371, CVE-2018-4372, CVE-2018-4373, CVE-2018-4374, CVE-2018-4375, CVE-2018-4376, CVE-2018-4377, CVE-2018-4378, CVE-2018-4382, CVE-2018-4384, CVE-2018-4385, CVE-2018-4386, CVE-2018-4387, CVE-2018-4388, CVE-2018-4390, CVE-2018-4391, CVE-2018-4392, CVE-2018-4394, CVE-2018-4398, CVE-2018-4400, CVE-2018-4409, CVE-2018-4413, CVE-2018-4416
SHA-256 | 93a362567b72263d53b58c256f7884c72cb4ddbf8dc6666545a0ea17c505edc5
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close