Apple Products Multiple Vulnerabilities
Last Update Date:
7 Dec 2018
Release Date:
6 Dec 2018
5837
Views
RISK: Medium Risk
TYPE: Operating Systems - Mac OS
Multiple vulnerabilities have been identified in Apple products. A remote user can exploit these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, security restriction bypass, obtain sensitive information and spoofing on the targeted system.
Impact
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
- Spoofing
System / Technologies affected
Versions prior to:
- iCloud for Windows 7.9
- Safari 12.0.2
- iTunes 12.9.2 for Windows
- macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra
- tvOS 12.1.1
- iOS 12.1.1
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Update to the following versions via "software update":
- iCloud for Windows 7.9
- Safari 12.0.2
- iTunes 12.9.2 for Windows
- macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra
- tvOS 12.1.1
- iOS 12.1.1
Vulnerability Identifier
- CVE-2018-4465
- CVE-2018-4464
- CVE-2018-4443
- CVE-2018-4442
- CVE-2018-4441
- CVE-2018-4440
- CVE-2018-4439
- CVE-2018-4438
- CVE-2018-4437
- CVE-2018-4465
- CVE-2018-4463
- CVE-2018-4462
- CVE-2018-4461
- CVE-2018-4460
- CVE-2018-4450
- CVE-2018-4449
- CVE-2018-4447
- CVE-2018-4436
- CVE-2018-4435
- CVE-2018-4434
- CVE-2018-4431
- CVE-2018-4427
- CVE-2018-4303
Source
Related Link
- https://www.auscert.org.au/bulletins/72658
- https://www.auscert.org.au/bulletins/72666
- https://www.auscert.org.au/bulletins/72662
- https://www.auscert.org.au/bulletins/72678
- https://www.auscert.org.au/bulletins/72674
- https://www.us-cert.gov/ncas/current-activity/2018/12/05/Apple-Releases-Multiple-Security-Updates
Share with