Executive Summary

Informations
NameCVE-2018-4277First vendor Publication2019-01-11
VendorCveLast vendor Modification2019-01-16

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

In iOS before 11.4.1, watchOS before 4.3.2, tvOS before 11.4.1, Safari before 11.1.1, macOS High Sierra before 10.13.6, a spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4277

CWE : Common Weakness Enumeration

%idName
100 %CWE-20Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application57
Application148
Os162
Os113
Os21

Nessus® Vulnerability Scanner

DateDescription
2018-07-17Name : The remote host is missing a macOS update that fixes multiple security vulner...
File : macos_10_13_6.nasl - Type : ACT_GATHER_INFO
2018-07-17Name : The remote host is missing a macOS or Mac OS X security update that fixes mul...
File : macosx_SecUpd2018-004.nasl - Type : ACT_GATHER_INFO
2018-07-16Name : The remote Apple TV device is affected by multiple vulnerabilities.
File : appletv_11_4_1.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
CONFIRM https://support.apple.com/HT208937
MISC https://support.apple.com/HT208854,
https://support.apple.com/HT208935,
https://support.apple.com/HT208936,
https://support.apple.com/HT208938,
SECTRACK http://www.securitytracker.com/id/1041232

Alert History

If you want to see full details history, please login or register.
0
1
2
3
DateInformations
2019-01-18 00:19:52
  • Multiple Updates
2019-01-16 17:19:03
  • Multiple Updates
2019-01-12 17:19:01
  • Multiple Updates
2019-01-11 21:19:16
  • First insertion