Showing 1 - 12 of 12

CVE-2018-4222

Status Candidate

Overview

An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a getWasmBufferFromValue out-of-bounds read during WebAssembly compilation.

Related Files

Apple Security Advisory 2018-7-23-5: Posted Jul 23, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-7-23-5 - watchOS 4.3.1 addresses buffer overflow, code execution, and denial of service vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2018-4192, CVE-2018-4198, CVE-2018-4201, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249, CVE-2018-5383; SHA-256 | b2ef5d97a0dd4510c8d65950bb3a0565483a6e3af0f1fedf4e319f255c891d27; Download | Favorite | View

Apple Security Advisory 2018-7-23-3: Posted Jul 23, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-7-23-3 - iOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | cisco, apple, ios; advisories | CVE-2018-4100, CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4201, CVE-2018-4202, CVE-2018-4204, CVE-2018-4211, CVE-2018-4214, CVE-2018-4215, CVE-2018-4218, CVE-2018-4221, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4238, CVE-2018-4239, CVE-2018-4240, CVE-2018-4241; SHA-256 | 857fee29a90629f33ba85af6600e36de596f303b9de4fc96e0cc80eb90fae597; Download | Favorite | View

Apple Security Advisory 2018-7-23-4: Posted Jul 23, 2018; Authored by Apple | Site apple.com; Apple Security Advisory 2018-7-23-4 - tvOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4200, CVE-2018-4201, CVE-2018-4204, CVE-2018-4206, CVE-2018-4211, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4240, CVE-2018-4241, CVE-2018-4243, CVE-2018-4246, CVE-2018-4249, CVE-2018-5383; SHA-256 | 414e2fd1f058460610b6e631ce22a9620407a86f8b5f4823842f21a210f09bda; Download | Favorite | View

Ubuntu Security Notice USN-3687-1: Posted Jun 18, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3687-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.; tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss; systems | linux, ubuntu; advisories | CVE-2018-12293, CVE-2018-4190, CVE-2018-4199, CVE-2018-4218, CVE-2018-4222, CVE-2018-4232, CVE-2018-4233; SHA-256 | e98ea598a4eabbb5087a8a2218a2de8f5f9a525c48b0b236080247fe6427f405; Download | Favorite | View

WebKitGTK+ Data Leak / Code Execution: Posted Jun 14, 2018; Authored by WebKitGTK+ Team; Several vulnerabilities were discovered in WebKitGTK+ and WPE WebKit that can lead to leaking of sensitive data, code execution, and more. Various 2.20.x versions are affected.; tags | advisory, vulnerability, code execution; advisories | CVE-2018-11646, CVE-2018-11712, CVE-2018-11713, CVE-2018-12293, CVE-2018-12294, CVE-2018-4190, CVE-2018-4192, CVE-2018-4199, CVE-2018-4201, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4232, CVE-2018-4233; SHA-256 | c0220c58b288dbb3089fcc06182e86efa1aa62220a826e40338a53ed4207e04a; Download | Favorite | View

WebKit WebAssembly Compilation Information Leak: Posted Jun 7, 2018; Authored by Google Security Research, natashenka; WebKit suffers from an information leak vulnerability in WebAssembly Compilation.; tags | exploit; advisories | CVE-2018-4222; SHA-256 | 9ff8d6e66bbcdfda552522b598b13d043b8118bae2e6ac620ec1f9e61f1f8e95; Download | Favorite | View