QwikSec

Security Database

CVE

CWE

Training

CVE-2018-4124

Published: Apr 3, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in certain Apple products. iOS before 11.2.6 is affected. macOS before 10.13.3 Supplemental Update is affected. tvOS before 11.2.6 is affected. watchOS before 4.2.3 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a crafted string containing a certain Telugu character.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://support.apple.com/HT208534

x_refsource_CONFIRM

https://support.apple.com/HT208537

x_refsource_CONFIRM

https://support.apple.com/HT208535

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

https://nakedsecurity.sophos.com/2018/02/20/apple-fixes-that-1-character-to-crash-your-mac-and-iphone-bug/

x_refsource_MISC

https://support.apple.com/HT208536

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.