CVE-2018-4198: Input Validation
UIKit. A validation issue existed in the handling of text. This issue was addressed with improved validation of text.
Other sources
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "UIKit" component. It allows remote attackers to cause a denial of service via a crafted text file.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2018-4196
- CVE-2018-4253
- CVE-2018-4256
- CVE-2018-4255
- CVE-2018-4254
- CVE-2018-4258
- CVE-2018-4257
- CVE-2018-7584
- CVE-2018-4219
- CVE-2018-5383
- CVE-2018-4171
- CVE-2018-4194
- CVE-2018-4180
- CVE-2018-4181
- CVE-2018-4182
- CVE-2018-4183
- CVE-2018-4478
- CVE-2018-4251
- CVE-2018-4211
- CVE-2018-4229
- CVE-2018-4159
- CVE-2018-4242
- CVE-2018-4202
- CVE-2018-4217
- CVE-2018-4141
- CVE-2018-4228
- CVE-2018-4236
- CVE-2018-4234
- CVE-2018-4249
- CVE-2018-8897
- CVE-2018-4241
- CVE-2018-4243
- CVE-2018-4237
- CVE-2018-4404
- CVE-2018-4227
- CVE-2018-4235
- CVE-2018-4240
- CVE-2018-4230
- CVE-2018-4221
- CVE-2018-4223
- CVE-2018-4224
- CVE-2018-4225
- CVE-2018-4226
- CVE-2018-4184
- CVE-2018-4198
- CVE-2018-4193
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2018-4198.
Which Apple products are affected by this vulnerability?
iOS before 11.4, macOS before 10.13.5, tvOS before 11.4, and watchOS before 4.3.1 are affected by this vulnerability.
What is the severity of CVE-2018-4198?
The severity of CVE-2018-4198 is medium (CVSS score: 5.5).
How can remote attackers exploit this vulnerability?
Remote attackers can exploit this vulnerability by causing a denial of service via a crafted text file.
How can I fix this vulnerability?
To fix this vulnerability, it is recommended to update to the latest available version of iOS, macOS, tvOS, or watchOS.