CVE-2018-4230

Sažetak

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that triggers a SetAppSupportBits use-after-free because of a race condition.

Reference

http://www.securitytracker.com/id/1041027
https://bugs.chromium.org/p/project-zero/issues/detail?id=1549
https://support.apple.com/HT208849
https://www.exploit-db.com/exploits/44847/

CVSS

Base:	7.6
Impact:	10.0
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:H/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

13-07-2018 - 17:58

Objavljeno

08-06-2018 - 18:29