» 2020 » 2월

CVE-2020-3865

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3865

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.

Source: CVE-2020-3865

CVE-2020-3831

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3831

A race condition was addressed with improved locking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges.

Source: CVE-2020-3831

CVE-2020-3839

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3839

A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.3. An application may be able to read restricted memory.

Source: CVE-2020-3839

CVE-2020-3829

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3829

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to gain elevated privileges.

Source: CVE-2020-3829

CVE-2020-3841

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3841

The issue was addressed with improved UI handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, Safari 13.0.5. A local user may unknowingly send a password unencrypted over the network.

Source: CVE-2020-3841

CVE-2020-3828

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3828

A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. A person with physical access to an iOS device may be able to access contacts from the lock screen.

Source: CVE-2020-3828

CVE-2020-3842

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3842

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.

Source: CVE-2020-3842

CVE-2020-3830

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3830

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Catalina 10.15.3. A malicious application may be able to overwrite arbitrary files.

Source: CVE-2020-3830

CVE-2020-3840

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3840

An off by one issue existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1. Loading a maliciously crafted racoon configuration file may lead to arbitrary code execution.

Source: CVE-2020-3840

CVE-2020-3833

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-3833

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.5. Visiting a malicious website may lead to address bar spoofing.

Source: CVE-2020-3833