CVE-2018-4302

Published: Dec 23, 2021

Modified: Aug 5, 2024

PUBLISHED

Description

A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.

Vendor	Product	Versions
Apple	iOS	affected `unspecified - < 11`
Apple	watchOS	affected `unspecified - < 4`
Apple	iTunes for Windows	affected `unspecified - < 12.7`
Apple	iCloud for Windows	affected `unspecified - < 7.0`
Apple	macOS	affected `unspecified - < 10.13`