Vulnerability CVE-2018-4284: Information

Description

A type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.

Severity: HIGH (8.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2018-4284

Published: April 3, 2019

Modified: April 4, 2019

Error type identifier: CWE-704

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
libwebkitgtk4	sisyphus	2.20.4-alt2	2.44.1-alt1	ALT-PU-2018-2099-1	211086	Fixed
libwebkitgtk4	p10	2.20.4-alt2	2.36.3-alt1	ALT-PU-2018-2099-1	211086	Fixed
libwebkitgtk4	p9	2.20.4-alt2	2.24.4-alt1.3.p9	ALT-PU-2018-2099-1	211086	Fixed
libwebkitgtk4	c10f1	2.20.4-alt2	2.36.3-alt1	ALT-PU-2018-2099-1	211086	Fixed
libwebkitgtk4	c9f2	2.20.4-alt2	2.24.4-alt1.3.c9.1	ALT-PU-2018-2099-1	211086	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://support.apple.com/kb/HT208938	Vendor Advisory
https://support.apple.com/kb/HT208936	Vendor Advisory
https://support.apple.com/kb/HT208935	Vendor Advisory
https://support.apple.com/kb/HT208934	Vendor Advisory
https://support.apple.com/kb/HT208933	Vendor Advisory
https://support.apple.com/kb/HT208932	Vendor Advisory

Affected configurations:
1. Configuration 1
  cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
  End excliding
  11.4.1
  cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
  End excliding
  11.1.2
  cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
  End excliding
  4.3.2
  cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
  End excliding
  11.4.1
  
  Configuration 2
  cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*
  cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Version: v24.5.1

Vulnerability CVE-2018-4284: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2