CVE-2018-4384 - Buffer Errors vulnerability in Apple Iphone OS and Watchos

Publication

2019-04-03

Last modification

2019-04-05

Summary

A memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, watchOS 5.1.

Classification

CWE-119 - Buffer Errors

Risk level (CVSS AV:N/AC:M/Au:N/C:P/I:P/A:P)

Medium

6.8

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

Vendor Product Versions
Apple Iphone OS  10.3.2 , 3.1.3 , 2.1 , 11.2.6 , 12.0.1 , 4.0.1 , 11.3.1 , 2.1.1 , 10.0.3 , 1.0.0 , 7.0.1 , 3.2.1 , 3.2 , 9.3.1 , 1.1.3 , 3.2.2 , 9.0 , 11.0.2 , 5.0 , 1.1.1 , 10.3.3 , 4.2.1 , 5.1.1 , 4.2.5 , 9.2 , 7.0 , 9.3 , 11.1.1 , 8.4.1 , 4.1 , 4.3.5 , 9.0.1 , 11.0.1 , 3.0 , 4.2.8 , 5.1 , 1.1.4 , 7.1 , 8.0.2 , 11.2.2 , 8.0 , 10.3.1 , 6.0 , 8.1 , 4.3.3 , 4.0 , 11.0 , 2.0 , 9.0.2 , 6.0.2 , 8.0.1 , 10.1 , 7.0.5 , 6.1.3 , 4.3.2 , 10.1.1 , 10.0 , 10.2.1 , 7.1.2 , 4.0.2 , 8.1.3 , 9.3.4 , 3.1 , 1.0.2 , 4.3.0 , 11.1.2 , 10.3 , 7.0.6 , 10.0.2 , 5.0.1 , 2.2.1 , 8.3 , 6.1.5 , 11.2.1 , 3.1.1 , 9.3.2 , 6.1.4 , 12.0 , 10.2 , 2.0.1 , 1.1.2 , 3.1.2 , 7.0.3 , 9.3.3 , 2.2 , 4.3.1 , 1.0.1 , 11 , 11.0.3 , 1.1.5 , 6.1.2 , 3.0.1 , 2.0.0 , 11.2 , 6.0.1 , 11.1 , 6.1 , 11.2.5 , 2.0.2 , 8.2 , 7.0.4 , 1.1.0 , 9.1 , 11.3 , 11.4.1 , 6.1.6 , 10.0.1 , 7.1.1 , 7.0.2 , 8.1.2 , 9.3.5 , 9.2.1 , 11.4
Apple Watchos  3.1 , 3.0 , 3.1.3 , 2.1 , 4.0.1 , 1.0 , 5.0.1 , 4 , 3.2 , 2.2.1 , 3.1.1 , 3.2.2 , 2.2.2 , 4.0 , 4.2.3 , 2.0 , 2.2.0 , 5.0 , 4.3 , 2.0.1 , 3.2.3 , 4.3.2 , 2.2 , 4.1 , 4.3.1 , 1.0.1