CVE-2018-4440: Input Validation
First published: Wed Dec 05 2018(Updated: )
A logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.
Credit: Wenxu Wu Tencent Security Xuanwu LabWenxu Wu Tencent Security Xuanwu LabWenxu Wu Tencent Security Xuanwu LabWenxu Wu Tencent Security Xuanwu Lab product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iCloud for Windows | <7.9 | 7.9 |
| Apple iTunes for Windows | <12.9.2 | 12.9.2 |
| Apple Safari | <12.0.2 | 12.0.2 |
| Apple iOS | <12.1.1 | 12.1.1 |
| Apple Safari | <12.0.2 | |
| Apple iPhone OS | <12.1.1 | |
| Apple iCloud | <7.9 | |
| Apple iTunes | <12.9.2 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT209340 (Advisory)
- https://support.apple.com/en-us/HT209344 (Advisory)
- https://support.apple.com/en-us/HT209345 (Advisory)
- https://support.apple.com/en-us/HT209346 (Advisory)
- https://support.apple.com/kb/HT209340
- https://support.apple.com/kb/HT209344
- https://support.apple.com/kb/HT209345
- https://support.apple.com/kb/HT209346
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is CVE-2018-4440?
CVE-2018-4440 is a vulnerability in Safari that was addressed with improved state management.
Which versions of Safari are affected by CVE-2018-4440?
Versions prior to Safari 12.0.2 are affected by CVE-2018-4440.
Which versions of iOS are affected by CVE-2018-4440?
Versions prior to iOS 12.1.1 are affected by CVE-2018-4440.
Is iCloud for Windows affected by CVE-2018-4440?
Yes, iCloud for Windows versions up to 7.9 are affected by CVE-2018-4440.
How can I fix CVE-2018-4440?
To fix CVE-2018-4440, update your Safari to version 12.0.2 or later, update your iOS to version 12.1.1 or later, update your iCloud for Windows to version 7.9 or later.
- collector/apple-support
- agent/type
- agent/first-publish-date
- agent/software-canonical-lookup-request
- agent/references
- agent/author
- agent/severity
- agent/weakness
- collector/nvd-index
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- agent/tags
- agent/source
- vendor/apple
- canonical/apple icloud for windows
- canonical/apple itunes for windows
- canonical/apple safari
- canonical/apple ios
- canonical/apple iphone os
- canonical/apple icloud
- canonical/apple itunes
- vendor/microsoft
- canonical/microsoft windows