Vulnerability in Apple Icloud For Windows

CVE-2018-4302

A null pointer dereference was addressed with improved validation. This issue is fixed in macOS High Sierra 10.13, iCloud for Windows 7.0, watchOS 4, iOS 11, iTunes 12.7 for Windows. Processing maliciously crafted XML may lead to an unexpe…

EPSS: 0.004 (62.6th percentile) — read the EPSS interpretation.

Affected products

Apple Icloud For Windows — versions unspecified
Apple Ios — versions unspecified
Apple Itunes For Windows — versions unspecified
Apple Macos — versions unspecified
Apple Watchos — versions unspecified

References

support.apple.com/en-us/HT208144 (x_refsource_MISC)
support.apple.com/en-us/HT208112 (x_refsource_MISC)
support.apple.com/en-us/HT208115 (x_refsource_MISC)
support.apple.com/en-us/HT208141 (x_refsource_MISC)
support.apple.com/en-us/HT208142 (x_refsource_MISC)