Lucene search
Bruno Keith (@bkth_)ZDI-18-1342HistoryNov 05, 2018 - 12:00 a.m.
Apple macOS nsurlstoraged Out-Of-Bounds Read Information Disclosure Vulnerability
2018-11-0500:00:00
Bruno Keith (@bkth_)
www.zerodayinitiative.com
7
0.003 Low
EPSS
Percentile
68.1%
This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of cookie data. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current user.
References
Related
prion
prion
Memory corruption
2019-04-03 18:29:00
cvelist
cvelist
CVE-2018-4126
2019-04-03 17:43:12
cve
cve
CVE-2018-4126
2019-04-03 18:29:02
zdi
zdi
nvd
nvd
CVE-2018-4126
2019-04-03 18:29:02
apple
apple
About the security content of iTunes 12.9 for Windows
2018-09-12 00:00:00
About the security content of iCloud for Windows 7.7 - Apple Support
2019-01-23 08:20:11
About the security content of iCloud for Windows 7.7
2018-10-08 00:00:00
openvas
openvas
Apple Mac OS X Security Updates (HT209193)-06
2018-11-02 00:00:00
Apple Mac OS X Security Update (HT209139)
2022-08-04 00:00:00
nessus
nessus
macOS 10.13.6 Multiple Vulnerabilities (Security Update 2018-002)
2018-10-31 00:00:00
macOS < 10.14 Multiple Vulnerabilities
2018-10-18 00:00:00
macOS and Mac OS X Multiple Vulnerabilities (Security Update 2018-005)
2018-10-31 00:00:00