Lucene search
OmairZDI-18-273HistoryApr 06, 2018 - 12:00 a.m.
Apple Safari WebGL BufferSubData Buffer Overflow Remote Code Execution Vulnerability
2018-04-0600:00:00
Omair
www.zerodayinitiative.com
16
0.006 Low
EPSS
Percentile
78.8%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of WebGL. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
References
Related
prion
prion
Memory corruption
2018-04-03 06:29:00
cve
cve
CVE-2018-4130
2018-04-03 06:29:05
ubuntucve
ubuntucve
CVE-2018-4130
2018-04-03 00:00:00
nvd
nvd
CVE-2018-4130
2018-04-03 06:29:05
cvelist
cvelist
CVE-2018-4130
2018-04-03 06:00:00
openvas
openvas
Apple iTunes Security Updates (HT208694) - Windows
2018-04-02 00:00:00
Apple iCloud Security Updates (HT208697) - Windows
2018-04-02 00:00:00
Apple Safari Security Updates (HT208695)
2018-04-02 00:00:00
nessus
nessus
Apple iTunes < 12.7.3 WebKit Multiple Vulnerabilities (uncredentialed check)
2018-04-03 00:00:00
Apple iTunes < 12.7.4 WebKit Multiple Vulnerabilities (credentialed check)
2018-04-03 00:00:00
Apple TV < 11.3 Multiple Vulnerabilities
2018-04-16 00:00:00
apple
apple
About the security content of iTunes 12.7.4 for Windows
2018-03-29 00:00:00
About the security content of iTunes 12.7.4 for Windows - Apple Support
2018-05-02 05:10:03
About the security content of iCloud for Windows 7.4
2018-03-29 00:00:00
kaspersky
kaspersky
KLA11281 Multiple vulnerabilities in Apple iTunes
2018-03-29 00:00:00