CVE-2018-4149: Input Validation
SafariViewController. A state management issue was addressed by disabling text input until the destination page loads.
Other sources
An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue involves the "SafariViewController" component. It allows remote attackers to spoof the user interface via a crafted web site that leverages input into a partially loaded page.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4177
- CVE-2018-4123
- CVE-2018-4155
- CVE-2018-4158
- CVE-2018-4142
- CVE-2018-4390
- CVE-2018-4391
- CVE-2018-4167
- CVE-2018-4168
- CVE-2018-4172
- CVE-2018-4151
- CVE-2018-4150
- CVE-2018-4104
- CVE-2018-4143
- CVE-2018-4185
- CVE-2017-15412
- CVE-2018-4187
- CVE-2018-4174
- CVE-2018-4166
- CVE-2018-4156
- CVE-2018-4157
- CVE-2018-4134
- CVE-2018-4137
- CVE-2018-4149
- CVE-2018-4144
- CVE-2018-4173
- CVE-2018-4154
- CVE-2018-4115
- CVE-2018-4140
- CVE-2018-4148
- CVE-2018-4110
- CVE-2018-4101
- CVE-2018-4114
- CVE-2018-4118
- CVE-2018-4119
- CVE-2018-4120
- CVE-2018-4121
- CVE-2018-4122
- CVE-2018-4125
- CVE-2018-4127
- CVE-2018-4128
- CVE-2018-4129
- CVE-2018-4130
- CVE-2018-4161
- CVE-2018-4162
- CVE-2018-4163
- CVE-2018-4165
- CVE-2018-4113
- CVE-2018-4146
- CVE-2018-4117
- CVE-2018-4207
- CVE-2018-4208
- CVE-2018-4209
- CVE-2018-4210
- CVE-2018-4212
- CVE-2018-4213
- CVE-2018-4145
- CVE-2018-4131
Frequently Asked Questions
What is CVE-2018-4149?
CVE-2018-4149 is a vulnerability found in certain Apple products, specifically in the SafariViewController component on iOS before version 11.3.
What is the severity of CVE-2018-4149?
CVE-2018-4149 has a severity rating of 8.8 (high).
How does CVE-2018-4149 affect Apple products?
CVE-2018-4149 affects iOS before version 11.3, allowing remote attackers to spoof the user interface via a crafted web site that leverages input into a partially loaded page.
How can I fix CVE-2018-4149?
To fix CVE-2018-4149, update your Apple device to iOS version 11.3 or later.
Where can I find more information about CVE-2018-4149?
You can find more information about CVE-2018-4149 on the following references: [SecurityFocus](http://www.securityfocus.com/bid/103578), [SecurityTracker](http://www.securitytracker.com/id/1040604), and [Apple Support](https://support.apple.com/HT208693).