Unrated severityNVD Advisory· Published Dec 23, 2021· Updated Aug 5, 2024

CVE-2018-4302

Description

A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.

Affected products

Apple Inc./macOSv5
Range: unspecified
Apple Inc./watchOSv5
Range: unspecified
Apple/iCloud for Windowsv5
Range: unspecified
Apple Inc./iOScpe-rescue
Range: unspecified
Apple Inc./iTunes for Windowscpe-rescue
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.apple.com/en-us/HT208112mitrex_refsource_MISC
support.apple.com/en-us/HT208115mitrex_refsource_MISC
support.apple.com/en-us/HT208141mitrex_refsource_MISC
support.apple.com/en-us/HT208142mitrex_refsource_MISC
support.apple.com/en-us/HT208144mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000