» 2020 » 2월

CVE-2020-3867

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3867

A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.

Source: CVE-2020-3867

CVE-2020-3869

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3869

An issue existed in the handling of the local user’s self-view. The issue was corrected with improved logic. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A remote FaceTime user may be able to cause the local user’s camera self-view to display the incorrect camera.

Source: CVE-2020-3869

CVE-2020-3871

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3871

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3. An application may be able to execute arbitrary code with kernel privileges.

Source: CVE-2020-3871

CVE-2020-3875

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3875

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to read restricted memory.

Source: CVE-2020-3875

CVE-2020-3873

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3873

This issue was addressed with improved setting propagation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Turning off "Load remote content in messagesâ€� may not apply to all mail previews.

Source: CVE-2020-3873

CVE-2020-7061

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-7061

In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash.

Source: CVE-2020-7061

CVE-2020-3877

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3877

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3, watchOS 6.1.2. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

Source: CVE-2020-3877

CVE-2020-3846

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3846

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.

Source: CVE-2020-3846

CVE-2020-3861

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3861

The issue was addressed with improved permissions logic. This issue is fixed in iTunes for Windows 12.10.4. A user may gain access to protected parts of the file system.

Source: CVE-2020-3861

CVE-2020-3854

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3854

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3. An application may be able to execute arbitrary code with system privileges.

Source: CVE-2020-3854