CVE-2018-4442: Buffer Overflow
First published: Wed Dec 05 2018(Updated: )
WebKit. A memory corruption issue was addressed with improved memory handling.
Credit: lokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zerolokihardt Google Project Zero product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iCloud for Windows | <7.9 | 7.9 |
| Apple iTunes for Windows | <12.9.2 | 12.9.2 |
| Apple Safari | <12.0.2 | 12.0.2 |
| Apple watchOS | <5.1.2 | 5.1.2 |
| Apple tvOS | <12.1.1 | 12.1.1 |
| Apple iOS | <12.1.1 | 12.1.1 |
| Apple Safari | <12.0.2 | |
| Apple iPhone OS | <12.1.1 | |
| Apple tvOS | <12.1.1 | |
| Apple watchOS | <5.1.2 | |
| Apple iCloud | <7.9 | |
| Apple iTunes | <12.9.2 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT209340 (Advisory)
- https://support.apple.com/en-us/HT209342 (Advisory)
- https://support.apple.com/en-us/HT209343 (Advisory)
- https://support.apple.com/en-us/HT209344 (Advisory)
- https://support.apple.com/en-us/HT209345 (Advisory)
- https://support.apple.com/en-us/HT209346 (Advisory)
- https://support.apple.com/kb/HT209340
- https://support.apple.com/kb/HT209342
- https://support.apple.com/kb/HT209343
- https://support.apple.com/kb/HT209344
- https://support.apple.com/kb/HT209345
- https://support.apple.com/kb/HT209346
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2018-4440
- CVE-2018-4439
- CVE-2018-4437
- CVE-2018-4464
- CVE-2018-4441
- CVE-2018-4442
- CVE-2018-4443
- CVE-2018-4438
- CVE-2018-4444
- CVE-2018-4445
- CVE-2018-4303
- CVE-2018-4427
- CVE-2018-4431
- CVE-2018-4448
- CVE-2018-4460
- CVE-2018-4447
- CVE-2018-4435
- CVE-2018-4461
- CVE-2018-4429
- CVE-2018-4436
- CVE-2018-4465
- CVE-2018-4430
- CVE-2018-4446
- CVE-2018-4428
Frequently Asked Questions
What is CVE-2018-4442?
CVE-2018-4442 is a vulnerability in WebKit that allows memory corruption and has been addressed in various Apple software versions.
How does CVE-2018-4442 affect iOS?
CVE-2018-4442 affects iOS versions prior to 12.1.1.
How does CVE-2018-4442 affect tvOS?
CVE-2018-4442 affects tvOS versions prior to 12.1.1.
How does CVE-2018-4442 affect watchOS?
CVE-2018-4442 affects watchOS versions prior to 5.1.2.
How does CVE-2018-4442 affect Safari?
CVE-2018-4442 affects Safari versions prior to 12.0.2.
How does CVE-2018-4442 affect iTunes for Windows?
CVE-2018-4442 affects iTunes for Windows versions prior to 12.9.2.
How do I fix CVE-2018-4442?
To fix CVE-2018-4442, you need to update to iOS 12.1.1 or later, tvOS 12.1.1 or later, watchOS 5.1.2 or later, Safari 12.0.2 or later, iTunes for Windows 12.9.2 or later.
- collector/apple-support
- alias/CVE-2018-4442
- alias/CVE-2018-4443
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/software-canonical-lookup-request
- agent/event
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/description
- collector/nvd-index
- vendor/apple
- canonical/apple icloud for windows
- canonical/apple itunes for windows
- canonical/apple safari
- canonical/apple watchos
- canonical/apple tvos
- canonical/apple ios
- canonical/apple iphone os
- canonical/apple icloud
- canonical/apple itunes
- vendor/microsoft
- canonical/microsoft windows