NVD Vulnerability Detail

CVE-2018-4474

Summary	A memory consumption issue was addressed with improved memory handling. This issue is fixed in iCloud for Windows 7.7, watchOS 5, Safari 12, iOS 12, iTunes 12.9 for Windows, tvOS 12. Unexpected interaction causes an ASSERT failure.
Publication Date	Oct. 28, 2020, 5:15 a.m.
Registration Date	March 1, 2021, 7:28 p.m.
Last Update	Nov. 21, 2024, 1:07 p.m.

Affected software configurations

Related information, measures and tools

No	URL	タグ
1	https://support.apple.com/en-us/HT209106	Vendor Advisory
2	https://support.apple.com/en-us/HT209106	Vendor Advisory
3	https://support.apple.com/en-us/HT209107	Vendor Advisory
4	https://support.apple.com/en-us/HT209107	Vendor Advisory
5	https://support.apple.com/en-us/HT209108	Vendor Advisory
6	https://support.apple.com/en-us/HT209108	Vendor Advisory
7	https://support.apple.com/en-us/HT209109	Vendor Advisory
8	https://support.apple.com/en-us/HT209109	Vendor Advisory
9	https://support.apple.com/en-us/HT209140	Vendor Advisory
10	https://support.apple.com/en-us/HT209140	Vendor Advisory
11	https://support.apple.com/en-us/HT209141	Vendor Advisory
12	https://support.apple.com/en-us/HT209141	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-400	リソースの枯渇	https://cwe.mitre.org/data/definitions/400.html

JVN Vulnerability Information

複数の Apple 製品におけるメモリ消費の脆弱性

Title	複数の Apple 製品におけるメモリ消費の脆弱性
Summary	複数の Apple 製品には、メモリ処理に不備があるため、メモリ消費の脆弱性が存在します。
Possible impacts	予期しない操作を介して、ASSERT エラーを発生される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Sept. 12, 2018, midnight
Registration Date	May 24, 2021, 3:32 p.m.
Last Update	May 24, 2021, 3:32 p.m.

Affected System

アップル

iCloud for Windows 7.7 未満 (Windows 7 以降)

iOS 12 未満 (iPad Air 以降)

iOS 12 未満 (iPhone 5s 以降)

iOS 12 未満 (iPod touch 第 6 世代)

iTunes for Windows 12.9 未満 (Windows 7 以降)

Safari 12 未満 (macOS High Sierra 10.13.6)

Safari 12 未満 (macOS Mojave 10.14)

Safari 12 未満 (macOS Sierra 10.12.6)

tvOS 12 未満 (Apple TV 4K)

tvOS 12 未満 (Apple TV 第 4 世代)

watchOS 5 未満 (Apple Watch Series 1 以降)

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2018-4474	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4474
National Vulnerability Database (NVD)
2	CVE-2018-4474	https://nvd.nist.gov/vuln/detail/CVE-2018-4474

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-400	https://cwe.mitre.org/data/definitions/400.html

ベンダー情報

No	Name	URL
Apple Security Updates
1	HT209106	https://support.apple.com/en-us/HT209106
2	HT209107	https://support.apple.com/en-us/HT209107
3	HT209108	https://support.apple.com/en-us/HT209108
4	HT209109	https://support.apple.com/en-us/HT209109
5	HT209140	https://support.apple.com/en-us/HT209140
6	HT209141	https://support.apple.com/en-us/HT209141
Apple セキュリティアップデート
7	HT209106	https://support.apple.com/ja-jp/HT209106
8	HT209107	https://support.apple.com/ja-jp/HT209107
9	HT209108	https://support.apple.com/ja-jp/HT209108
10	HT209109	https://support.apple.com/ja-jp/HT209109
11	HT209140	https://support.apple.com/ja-jp/HT209140
12	HT209141	https://support.apple.com/ja-jp/HT209141

その他

No	Name	URL
JVN
1	JVNVU#92800088	http://jvn.jp/vu/JVNVU92800088/index.html
2	JVNVU#93341447	http://jvn.jp/vu/JVNVU93341447/index.html

Change Log

No	Changed Details	Date of change
1	[2021年05月24日] 掲載	May 24, 2021, 3:32 p.m.