CVE-2018-4314 - USE After Free vulnerability in Apple products

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.

Vulnerable Configurations

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

Exploit-Db

descriptionWebKit - 'WebCore::SVGAnimateElementBase::resetAnimatedType' Use-After-Free. CVE-2018-4314. Dos exploit for Multiple platform. Tags: Use After Free (UAF)
idEDB-ID:45480
last seen2018-10-07
modified2018-09-25
published2018-09-25
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/45480/
titleWebKit - 'WebCore::SVGAnimateElementBase::resetAnimatedType' Use-After-Free

Nessus

  • NASL familyPeer-To-Peer File Sharing
    NASL idITUNES_12_9_BANNER.NASL
    descriptionThe version of Apple iTunes installed on the remote Windows host is prior to 12.9. It is, therefore, affected by multiple vulnerabilities in WebKit as referenced in the HT209140 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-01-01
    modified2020-01-02
    plugin id117879
    published2018-10-02
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117879
    titleApple iTunes < 12.9 Multiple Vulnerabilities (uncredentialed check)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-3781-1.NASL
    descriptionA large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-01-01
    modified2020-01-02
    plugin id117914
    published2018-10-04
    reporterUbuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117914
    titleUbuntu 18.04 LTS : webkit2gtk vulnerabilities (USN-3781-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-68.NASL
    descriptionThis update for webkit2gtk3 to version 2.22.4 fixes the following issues : Security issues fixed : CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4392, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4358, CVE-2018-4359, CVE-2018-4361, CVE-2018-4345, CVE-2018-4372, CVE-2018-4373, CVE-2018-4375, CVE-2018-4376, CVE-2018-4416, CVE-2018-4378, CVE-2018-4382, CVE-2018-4386 (bsc#1110279, bsc#1116998). This update was imported from the SUSE:SLE-12-SP2:Update update project.
    last seen2020-01-01
    modified2020-01-02
    plugin id121291
    published2019-01-22
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121291
    titleopenSUSE Security Update : webkit2gtk3 (openSUSE-2019-68)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201812-04.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201812-04 (WebkitGTK+: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details. Impact : A remote attacker could execute arbitrary commands or cause a Denial of Service condition via maliciously crafted web content. Workaround : There is no known workaround at this time.
    last seen2020-01-01
    modified2020-01-02
    plugin id119323
    published2018-12-03
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/119323
    titleGLSA-201812-04 : WebkitGTK+: Multiple vulnerabilities
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SAFARI12.NASL
    descriptionThe version of Apple Safari installed on the remote macOS or Mac OS X host is prior to 12. It is, therefore, affected by multiple vulnerabilities.
    last seen2020-01-01
    modified2020-01-02
    plugin id117617
    published2018-09-20
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117617
    titlemacOS : Apple Safari < 12 Multiple Vulnerabilities
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-0092-1.NASL
    descriptionThis update for webkit2gtk3 to version 2.22.5 fixes the following issues : Security issues fixed : CVE-2018-4372, CVE-2018-4345, CVE-2018-4386, CVE-2018-4375, CVE-2018-4376, CVE-2018-4378, CVE-2018-4382, CVE-2018-4392, CVE-2018-4416, CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4358, CVE-2018-4359, CVE-2018-4361, CVE-2018-4373, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165, CVE-2018-11713, CVE-2018-4207, CVE-2018-4208, CVE-2018-4209, CVE-2018-4210, CVE-2018-4212, CVE-2018-4213, CVE-2018-4437, CVE-2018-4438, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464 (bsc#1119558, bsc#1116998, bsc#1110279) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-01-01
    modified2020-01-02
    plugin id121206
    published2019-01-16
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121206
    titleSUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2019:0092-1)
  • NASL familyWindows
    NASL idITUNES_12_9.NASL
    descriptionThe version of Apple iTunes installed on the remote Windows host is prior to 12.9. It is, therefore, affected by multiple vulnerabilities as referenced in the HT209140 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-01-01
    modified2020-01-02
    plugin id117880
    published2018-10-02
    reporterThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/117880
    titleApple iTunes < 12.9 Multiple Vulnerabilities (credentialed check)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-0059-1.NASL
    descriptionThis update for webkit2gtk3 to version 2.22.4 fixes the following issues : Security issues fixed : CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4392, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4358, CVE-2018-4359, CVE-2018-4361, CVE-2018-4345, CVE-2018-4372, CVE-2018-4373, CVE-2018-4375, CVE-2018-4376, CVE-2018-4416, CVE-2018-4378, CVE-2018-4382, CVE-2018-4386 (bsc#1110279, bsc#1116998). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-01-01
    modified2020-01-02
    plugin id121093
    published2019-01-11
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121093
    titleSUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2019:0059-1)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-81.NASL
    descriptionThis update for webkit2gtk3 to version 2.22.5 fixes the following issues : Security issues fixed : - CVE-2018-4372, CVE-2018-4345, CVE-2018-4386, CVE-2018-4375, CVE-2018-4376, CVE-2018-4378, CVE-2018-4382, CVE-2018-4392, CVE-2018-4416, CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4358, CVE-2018-4359, CVE-2018-4361, CVE-2018-4373, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165, CVE-2018-11713, CVE-2018-4207, CVE-2018-4208, CVE-2018-4209, CVE-2018-4210, CVE-2018-4212, CVE-2018-4213, CVE-2018-4437, CVE-2018-4438, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464 (bsc#1119558, bsc#1116998, bsc#1110279) This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-01-01
    modified2020-01-02
    plugin id121339
    published2019-01-24
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/121339
    titleopenSUSE Security Update : webkit2gtk3 (openSUSE-2019-81)

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/149550/GS20180925230723.txt
idPACKETSTORM:149550
last seen2018-09-26
published2018-09-25
reporterIvan Fratric
sourcehttps://packetstormsecurity.com/files/149550/WebKit-WebCore-SVGAnimateElementBase-resetAnimatedType-Use-After-Free.html
titleWebKit WebCore::SVGAnimateElementBase::resetAnimatedType Use-After-Free