CVE-2018-4176: Input Validation
Disk Images. A logic issue was addressed with improved validation.
Other sources
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue involves the "Disk Images" component. It allows attackers to trigger an app launch upon mounting a crafted disk image.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4170
- CVE-2018-4105
- CVE-2018-4112
- CVE-2018-4166
- CVE-2018-4155
- CVE-2018-4158
- CVE-2018-4142
- CVE-2017-13890
- CVE-2017-8816
- CVE-2018-4176
- CVE-2018-4108
- CVE-2017-13080
- CVE-2018-4167
- CVE-2018-4151
- CVE-2018-4132
- CVE-2018-4135
- CVE-2018-4150
- CVE-2018-4104
- CVE-2018-4143
- CVE-2018-4136
- CVE-2018-4160
- CVE-2018-4185
- CVE-2018-4139
- CVE-2018-4175
- CVE-2017-15412
- CVE-2018-4187
- CVE-2018-4179
- CVE-2018-4111
- CVE-2018-4174
- CVE-2018-4152
- CVE-2017-7151
- CVE-2018-4138
- CVE-2018-4107
- CVE-2018-4156
- CVE-2018-4157
- CVE-2018-4298
- CVE-2018-4144
- CVE-2017-13911
- CVE-2018-4173
- CVE-2018-4154
- CVE-2018-4115
- CVE-2018-4106
- CVE-2018-4131
Frequently Asked Questions
What is CVE-2018-4176?
CVE-2018-4176 is a logic issue vulnerability in certain Apple products, specifically macOS before 10.13.4.
How does CVE-2018-4176 affect Apple products?
CVE-2018-4176 allows attackers to trigger an app launch upon mounting a crafted disk image in macOS before 10.13.4.
What is the severity of CVE-2018-4176?
CVE-2018-4176 has a severity value of 5.5, categorized as medium.
How can I fix CVE-2018-4176?
To fix CVE-2018-4176, you should update macOS to version 10.13.4 or later.
Where can I find more information about CVE-2018-4176?
You can find more information about CVE-2018-4176 at the following references: [SecurityFocus](http://www.securityfocus.com/bid/103582), [SecurityTracker](http://www.securitytracker.com/id/1040608), [Apple Support](https://support.apple.com/HT208692).