Executive Summary

Informations
NameCVE-2018-4278First vendor Publication2019-01-11
VendorCveLast vendor Modification2019-03-08

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 11.4.1, iCloud for Windows before 7.6, sound fetched through audio elements may be exfiltrated cross-origin. This issue was addressed with improved audio taint tracking.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4278

CWE : Common Weakness Enumeration

%idName
100 %CWE-254Security Features

CPE : Common Platform Enumeration

TypeDescriptionCount
Application12
Application219
Application151
Os163
Os62
Os2
Os1

Nessus® Vulnerability Scanner

DateDescription
2018-10-02Name : An application installed on the remote host is affected by multiple vulnerabi...
File : itunes_12_8_banner.nasl - Type : ACT_GATHER_INFO
2018-08-23Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201808-04.nasl - Type : ACT_GATHER_INFO
2018-07-16Name : The remote Apple TV device is affected by multiple vulnerabilities.
File : appletv_11_4_1.nasl - Type : ACT_GATHER_INFO
2018-07-16Name : An application installed on the remote host is affected by multiple vulnerabi...
File : itunes_12_8.nasl - Type : ACT_GATHER_INFO
2018-07-16Name : A web browser installed on the remote macOS or Mac OS X host is affected by m...
File : macosx_Safari11_1_2.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
CONFIRM https://support.apple.com/HT208932
GENTOO https://security.gentoo.org/glsa/201808-04
MISC https://exchange.xforce.ibmcloud.com/vulnerabilities/146479
https://support.apple.com/HT208933,
https://support.apple.com/HT208934,
https://support.apple.com/HT208936,
https://support.apple.com/HT208938,
SECTRACK http://www.securitytracker.com/id/1041232
UBUNTU https://usn.ubuntu.com/3743-1/

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
DateInformations
2019-03-08 21:19:49
  • Multiple Updates
2019-02-01 12:07:10
  • Multiple Updates
2019-01-18 00:19:52
  • Multiple Updates
2019-01-16 17:19:03
  • Multiple Updates
2019-01-12 17:19:01
  • Multiple Updates
2019-01-11 21:19:16
  • First insertion