Apple Products Multiple Vulnerabilities

Last Update Date: 3 Apr 2018 10:10 Release Date: 3 Apr 2018 4669 Views

RISK: Medium Risk

TYPE: Operating Systems - Mobile & Apps

Multiple vulnerabilities have been identified in Apple Products, a remote attacker can exploit these vulnerabilities to trigger cross site scripting, denial of service, elevation of privilege, remote code execution, security restriction bypass, sensitive information disclosure and spoofing on the targeted system.

Impact

Cross-Site Scripting
Denial of Service
Elevation of Privilege
Remote Code Execution
Security Restriction Bypass
Information Disclosure
Spoofing

System / Technologies affected

Versions prior to:

iOS 11.3
iCloud for Windows 7.4
iTunes 12.7.4 for Windows
macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan
Safari 11.1
tvOS 11.3
watchOS 4.3
Xcode 9.3

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Upgrade to a fixed version:

iOS 11.3
iCloud for Windows 7.4
iTunes 12.7.4 for Windows
macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan
Safari 11.1
tvOS 11.3
watchOS 4.3
Xcode 9.3

Vulnerability Identifier

No CVE information is available

Source

US-CERT