CVE-2018-4102: Input Validation
An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site.
Other sources
Safari. An inconsistent user interface issue was addressed with improved state management.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4102
- CVE-2018-4116
- CVE-2018-4186
- CVE-2018-4137
- CVE-2018-4101
- CVE-2018-4114
- CVE-2018-4118
- CVE-2018-4119
- CVE-2018-4120
- CVE-2018-4121
- CVE-2018-4122
- CVE-2018-4125
- CVE-2018-4127
- CVE-2018-4128
- CVE-2018-4129
- CVE-2018-4130
- CVE-2018-4161
- CVE-2018-4162
- CVE-2018-4163
- CVE-2018-4165
- CVE-2018-4133
- CVE-2018-4113
- CVE-2018-4146
- CVE-2018-4117
- CVE-2018-4207
- CVE-2018-4208
- CVE-2018-4209
- CVE-2018-4210
- CVE-2018-4212
- CVE-2018-4213
- CVE-2018-4145
Frequently Asked Questions
What is CVE-2018-4102?
CVE-2018-4102 is a vulnerability that affects Safari before version 11.1.
How does CVE-2018-4102 affect Safari?
CVE-2018-4102 allows remote attackers to spoof the address bar through a crafted website.
What is the severity of CVE-2018-4102?
CVE-2018-4102 has a severity rating of 6.5 (medium).
How can I fix CVE-2018-4102 in Safari?
To fix CVE-2018-4102, users should update Safari to version 11.1 or later.
Where can I find more information about CVE-2018-4102?
You can find more information about CVE-2018-4102 on the following references: [SecurityFocus](http://www.securityfocus.com/bid/103580), [SecurityTracker](http://www.securitytracker.com/id/1040606), and [Apple Support](https://support.apple.com/HT208695).