CVE-2020-9961

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:icloud:*:*:*:*:*:windows:*:*
cpe:2.3:a:apple:itunes:*:*:*:*:*:windows:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.6:-:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2018-002:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2018-003:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-001:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-002:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-003:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-004:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-005:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-006:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-007:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2020-001:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2020-002:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2020-003:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2020-004:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:41

Type Values Removed Values Added
References () http://seclists.org/fulldisclosure/2020/Nov/19 - Mailing List, Third Party Advisory () http://seclists.org/fulldisclosure/2020/Nov/19 - Mailing List, Third Party Advisory
References () http://seclists.org/fulldisclosure/2020/Nov/20 - Mailing List, Third Party Advisory () http://seclists.org/fulldisclosure/2020/Nov/20 - Mailing List, Third Party Advisory
References () http://seclists.org/fulldisclosure/2020/Nov/21 - Mailing List, Third Party Advisory () http://seclists.org/fulldisclosure/2020/Nov/21 - Mailing List, Third Party Advisory
References () http://seclists.org/fulldisclosure/2020/Nov/22 - Mailing List, Third Party Advisory () http://seclists.org/fulldisclosure/2020/Nov/22 - Mailing List, Third Party Advisory
References () https://support.apple.com/en-us/HT211849 - Release Notes, Vendor Advisory () https://support.apple.com/en-us/HT211849 - Release Notes, Vendor Advisory
References () https://support.apple.com/kb/HT211843 - Vendor Advisory () https://support.apple.com/kb/HT211843 - Vendor Advisory
References () https://support.apple.com/kb/HT211844 - Vendor Advisory () https://support.apple.com/kb/HT211844 - Vendor Advisory
References () https://support.apple.com/kb/HT211850 - Vendor Advisory () https://support.apple.com/kb/HT211850 - Vendor Advisory
References () https://support.apple.com/kb/HT211935 - Vendor Advisory () https://support.apple.com/kb/HT211935 - Vendor Advisory
References () https://support.apple.com/kb/HT211952 - Vendor Advisory () https://support.apple.com/kb/HT211952 - Vendor Advisory

Information

Published : 2020-10-27 21:15

Updated : 2024-11-21 05:41


NVD link : CVE-2020-9961

Mitre link : CVE-2020-9961

CVE.ORG link : CVE-2020-9961


JSON object : View

Products Affected

apple

  • itunes
  • tvos
  • watchos
  • mac_os_x
  • iphone_os
  • icloud
  • ipados
CWE
CWE-125

Out-of-bounds Read