Vulnerability Details : CVE-2018-4284
A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.
Products affected by CVE-2018-4284
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
- cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-4284
0.70%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 80 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-4284
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
8.8
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2018-4284
-
The product does not correctly convert an object, resource, or structure from one type to a different type.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-4284
-
https://support.apple.com/kb/HT208933
About the security content of iTunes 12.8 for Windows - Apple SupportVendor Advisory
-
https://support.apple.com/kb/HT208935
About the security content of watchOS 4.3.2 - Apple SupportVendor Advisory
-
https://support.apple.com/kb/HT208938
About the security content of iOS 11.4.1 - Apple SupportVendor Advisory
-
https://support.apple.com/kb/HT208934
About the security content of Safari 11.1.2 - Apple SupportVendor Advisory
-
https://support.apple.com/kb/HT208932
About the security content of iCloud for Windows 7.6 - Apple SupportVendor Advisory
-
https://support.apple.com/kb/HT208936
About the security content of tvOS 11.4.1 - Apple SupportVendor Advisory
Jump to