CVE-2018-4116: Input Validation
An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site.
Other sources
Safari. An inconsistent user interface issue was addressed with improved state management.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4102
- CVE-2018-4116
- CVE-2018-4186
- CVE-2018-4137
- CVE-2018-4101
- CVE-2018-4114
- CVE-2018-4118
- CVE-2018-4119
- CVE-2018-4120
- CVE-2018-4121
- CVE-2018-4122
- CVE-2018-4125
- CVE-2018-4127
- CVE-2018-4128
- CVE-2018-4129
- CVE-2018-4130
- CVE-2018-4161
- CVE-2018-4162
- CVE-2018-4163
- CVE-2018-4165
- CVE-2018-4133
- CVE-2018-4113
- CVE-2018-4146
- CVE-2018-4117
- CVE-2018-4207
- CVE-2018-4208
- CVE-2018-4209
- CVE-2018-4210
- CVE-2018-4212
- CVE-2018-4213
- CVE-2018-4145
Frequently Asked Questions
What is CVE-2018-4116?
CVE-2018-4116 is a vulnerability found in Safari before version 11.1 that allows remote attackers to spoof the address bar via a crafted website.
How does CVE-2018-4116 affect Safari?
CVE-2018-4116 affects Safari versions before 11.1.
What is the severity of CVE-2018-4116?
The severity of CVE-2018-4116 is medium with a CVSS score of 6.5.
How can I fix CVE-2018-4116 in Safari?
To fix CVE-2018-4116, update Safari to version 11.1 or later.
Where can I find more information about CVE-2018-4116?
You can find more information about CVE-2018-4116 on the following references: [SecurityTracker](http://www.securitytracker.com/id/1040606) and [Apple Support](https://support.apple.com/HT208695).