» 2020 » 2월

CVE-2020-3837

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3837

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.

Source: CVE-2020-3837

CVE-2020-3836

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3836

An access issue was addressed with improved memory management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be able to determine kernel memory layout.

Source: CVE-2020-3836

CVE-2020-3835

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3835

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.3. A malicious application may be able to access restricted files.

Source: CVE-2020-3835

CVE-2020-3834

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3834

A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.

Source: CVE-2020-3834

CVE-2020-3838

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3838

The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges.

Source: CVE-2020-3838

CVE-2020-3827

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3827

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. Viewing a maliciously crafted JPEG file may lead to arbitrary code execution.

Source: CVE-2020-3827

CVE-2020-3826

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3826

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing a maliciously crafted image may lead to arbitrary code execution.

Source: CVE-2020-3826

CVE-2020-3825

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3825

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.

Source: CVE-2020-3825

CVE-2020-5400

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-5400

Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background jobs when they are run, which may include sensitive information such as credentials if provided to the job. A malicious user with access to those logs may gain unauthorized access to resources protected by such credentials.

Source: CVE-2020-5400

CVE-2020-5401

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-5401

Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoRouter, which allows malicious clients to send invalid headers, causing caching layers to reject subsequent legitimate clients trying to access the app.

Source: CVE-2020-5401