CVE-2018-4367
Description
A memory corruption in AppleAVD allows arbitrary code execution via malicious video in FaceTime on iOS prior to 12.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
A memory corruption issue existed in AppleAVD, the audio/video decoder component, on iOS devices. Processing malicious video via FaceTime could trigger the vulnerability. This affected versions prior to iOS 12.1, including iPhone 5s and later, iPad Air and later, and iPod touch 6th generation [1].
Exploitation
An attacker could send a malicious video to a victim via FaceTime. The victim would need to accept and play the video. No authentication is required beyond the FaceTime call initiation [1].
Impact
Successful exploitation could lead to arbitrary code execution within the context of the affected application (FaceTime). The attacker could gain the same privileges as the user, potentially leading to full device compromise [1].
Mitigation
Apple addressed the vulnerability in iOS 12.1, released on October 30, 2018. Users should update to this version or later. No workarounds are available [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <12.1
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"Malformed H.264 streams in readSPSandGetDecoderParams lead to memory corruption."
Attack vector
An attacker can trigger this vulnerability by sending a malicious FaceTime call to a target device. The call contains malformed H.264 streams that are processed by the readSPSandGetDecoderParams function. This processing leads to out-of-bounds reads, out-of-bounds writes, and stack corruption crashes [1].
Affected code
The vulnerability resides within the readSPSandGetDecoderParams function, which is responsible for processing H.264 streams. Malformed data in these streams can lead to memory corruption issues, including out-of-bounds reads and writes, and stack corruption crashes [1].
What the fix does
The advisory states that the issue was addressed with improved input validation. This suggests that the fix likely involves ensuring that the input data, specifically the H.264 streams, is properly checked and sanitized before being processed, preventing the memory corruption that could occur with malformed data.
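As an added illustration of what "improved input validation" means for an H.264 sequence parameter set (this is not Apple's code or the actual fix, and the page does not say which field was mishandled), the sketch below reads every bit through a bounds-checked reader and rejects fields outside the ranges the H.264 specification allows. The names `parse_sps`, `sps_info` and `MAX_MBS` are hypothetical, only Baseline-profile streams are handled, and the input is assumed to be the RBSP with emulation-prevention bytes already removed.

```c
#include <stddef.h>
#include <stdint.h>

typedef struct { const uint8_t *buf; size_t len, pos; int err; } bitrd;
typedef struct { uint32_t sps_id, poc_type, ref_frames, width_mbs, height_mbs; } sps_info;
#define MAX_MBS 512u /* assumed per-dimension cap (8192 px), not from the page */

/* Read n <= 32 bits; past the end of the buffer, set err and read nothing. */
static uint32_t get_bits(bitrd *r, unsigned n) {
    uint32_t v = 0;
    for (; n > 0; n--, r->pos++) {
        if ((r->pos >> 3) >= r->len) { r->err = 1; return 0; }
        v = (v << 1) | ((r->buf[r->pos >> 3] >> (7 - (r->pos & 7))) & 1u);
    }
    return v;
}

/* ue(v) Exp-Golomb: cap the zero prefix so the value fits in 32 bits. */
static uint32_t get_ue(bitrd *r) {
    unsigned zeros = 0;
    while (get_bits(r, 1) == 0)
        if (r->err || ++zeros > 31) { r->err = 1; return 0; }
    return (uint32_t)((((uint64_t)1 << zeros) - 1) + get_bits(r, zeros));
}

/* Baseline-profile SPS RBSP (NAL header and emulation-prevention bytes
 * already removed). Returns 0 only if every parsed field is in range. */
int parse_sps(const uint8_t *rbsp, size_t len, sps_info *out) {
    bitrd r = { rbsp, len, 0, 0 };
    uint32_t profile = get_bits(&r, 8);
    get_bits(&r, 16);                        /* constraint flags, level_idc */
    out->sps_id = get_ue(&r);
    uint32_t log2_fn = get_ue(&r);           /* log2_max_frame_num_minus4 */
    out->poc_type = get_ue(&r);
    if (r.err || profile != 66 || out->sps_id > 31 || log2_fn > 12) return -1;
    if (out->poc_type == 0) {
        if (get_ue(&r) > 12) return -1;      /* log2_max_pic_order_cnt_lsb_minus4 */
    } else if (out->poc_type == 1) {
        get_bits(&r, 1); get_ue(&r); get_ue(&r); /* flag, two se(v) offsets */
        uint32_t cycle = get_ue(&r);         /* loop bound, spec range 0..255 */
        if (r.err || cycle > 255) return -1;
        while (cycle--) get_ue(&r);          /* skip offset_for_ref_frame[i] */
    } else if (out->poc_type != 2) return -1;
    out->ref_frames = get_ue(&r);            /* max_num_ref_frames, <= 16 */
    get_bits(&r, 1);                         /* gaps_in_frame_num_value_allowed_flag */
    out->width_mbs = get_ue(&r) + 1;         /* pic_width_in_mbs_minus1 + 1 */
    out->height_mbs = get_ue(&r) + 1;        /* pic_height_in_map_units_minus1 + 1 */
    if (r.err || out->ref_frames > 16) return -1;
    return (out->width_mbs > MAX_MBS || out->height_mbs > MAX_MBS) ? -1 : 0;
}
```

A caller should size frame buffers and reference lists only from an `sps_info` that `parse_sps` accepted, and drop the stream on any `-1`.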
Preconditions
- input: Malformed H.264 streams within a FaceTime call.
- network: The attacker must be able to send a FaceTime call to the target device.
Reproduction
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/45787.zip
Generated on Jun 2, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1. support.apple.com/kb/HT209192 (mitre, x_refsource_MISC)
News mentions
No linked articles in our index yet.