Lucene search
010ZDI-18-1332HistoryOct 31, 2018 - 12:00 a.m.
Apple Safari RenderCounter Use-After-Free Remote Code Execution Vulnerability
2018-10-3100:00:00
010
www.zerodayinitiative.com
17
EPSS
0.006
Percentile
78.7%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CSS counters. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.
References
Related
cvelist
cvelist
CVE-2018-4376
2019-04-03 17:43:16
cve
cve
CVE-2018-4376
2019-04-03 18:29:11
debiancve
debiancve
CVE-2018-4376
2019-04-03 18:29:11
prion
prion
Memory corruption
2019-04-03 18:29:00
osv
osv
CVE-2018-4376
2019-04-03 18:29:11
nvd
nvd
CVE-2018-4376
2019-04-03 18:29:11
ubuntucve
ubuntucve
CVE-2018-4376
2019-04-03 00:00:00
openvas
openvas
Apple iCloud Security Updates (HT209198) - Windows
2018-10-31 00:00:00
Apple Safari Security Updates (HT209196)
2018-10-31 00:00:00
Apple iTunes Multiple Vulnerabilities (HT209197) - Windows
2018-10-31 00:00:00
nessus
nessus
macOS : Apple Safari < 12.0.1 Multiple Vulnerabilities
2018-10-31 00:00:00
Apple iTunes < 12.9.1 Multiple Vulnerabilities (uncredentialed check)
2018-11-02 00:00:00
Apple iTunes < 12.9.1 Multiple Vulnerabilities (credentialed check)
2018-11-02 00:00:00
apple
apple
About the security content of Safari 12.0.1 - Apple Support
2019-04-03 09:46:00
About the security content of Safari 12.0.1
2018-10-30 00:00:00
About the security content of iCloud for Windows 7.8
2018-10-30 00:00:00
kaspersky
kaspersky
KLA11343 Multiple vulnerabilities in Apple iTunes
2018-10-30 00:00:00
suse
suse
Security update for webkit2gtk3 (important)
2019-01-21 00:00:00
Security update for webkit2gtk3 (important)
2019-01-23 00:00:00