vulnerability

Apple iTunes security update for CVE-2018-4210

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	May 3, 2018	May 3, 2018	Mar 27, 2026

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

May 3, 2018

Added

May 3, 2018

Modified

Mar 27, 2026

Description

In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This issue was addressed with improved checks.

Solution

apple-itunes-upgrade-12_7_4

References

CVE-2018-4210
https://attackerkb.com/topics/CVE-2018-4210
CWE-129
EUVD-EUVD-2018-15996
http://support.apple.com/kb/HT208694
https://euvd.enisa.europa.eu/vulnerability/EUVD-2018-15996

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report