CVE-2020-9961

🗓️ 27 Oct 2020 20:42:36Reported by appleType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 105 Views

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution

Reporter	Title	Published	Views	Family All 27
Apple	About the security content of macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave	24 Sep 202000:00	–	apple
Apple	About the security content of iOS 14.0 and iPadOS 14.0	16 Sep 202000:00	–	apple
Apple	About the security content of iCloud for Windows 11.5	2 Dec 202000:00	–	apple
Apple	About the security content of iTunes 12.10.9 for Windows	16 Sep 202000:00	–	apple
Apple	About the security content of watchOS 7.0	16 Sep 202000:00	–	apple
Apple	About the security content of tvOS 14.0	16 Sep 202000:00	–	apple
Apple	About the security content of tvOS 14.0 - Apple Support	15 Dec 202005:52	–	apple
Apple	About the security content of watchOS 7.0 - Apple Support	15 Dec 202005:33	–	apple
Apple	About the security content of macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave - Apple Support	12 Nov 202010:19	–	apple
Apple	About the security content of iOS 14.0 and iPadOS 14.0 - Apple Support	15 Dec 202005:43	–	apple

NVD

Vulners

Node

apple icloudRange<11.5windows

apple itunesRange<12.10.9windows

apple ipadosRange<14.0

apple iphone_osRange<14.0

apple mac_os_xRange10.13–10.13.6

apple mac_os_xRange10.14–10.14.6

apple mac_os_xRange10.15–10.15.7

apple mac_os_xMatch10.13.6-

apple mac_os_xMatch10.13.6security_update_2018-002

apple mac_os_xMatch10.13.6security_update_2018-003

apple mac_os_xMatch10.13.6security_update_2019-001

apple mac_os_xMatch10.13.6security_update_2019-002

apple mac_os_xMatch10.13.6security_update_2019-003

apple mac_os_xMatch10.13.6security_update_2019-004

apple mac_os_xMatch10.13.6security_update_2019-005

apple mac_os_xMatch10.13.6security_update_2019-006

apple mac_os_xMatch10.13.6security_update_2019-007

apple mac_os_xMatch10.13.6security_update_2020-001

apple mac_os_xMatch10.13.6security_update_2020-002

apple mac_os_xMatch10.13.6security_update_2020-003

apple mac_os_xMatch10.13.6security_update_2020-004

apple mac_os_xMatch10.14.6-

apple mac_os_xMatch10.14.6security_update_2019-001

apple mac_os_xMatch10.14.6security_update_2019-002

apple mac_os_xMatch10.14.6security_update_2019-004

apple mac_os_xMatch10.14.6security_update_2019-005

apple mac_os_xMatch10.14.6security_update_2019-006

apple mac_os_xMatch10.14.6security_update_2019-007

apple mac_os_xMatch10.14.6security_update_2020-001

apple mac_os_xMatch10.14.6security_update_2020-002

apple mac_os_xMatch10.14.6security_update_2020-003

apple mac_os_xMatch10.14.6security_update_2020-004

apple tvosRange<14.0

apple watchosRange<7.0

[
  {
    "product": "macOS",
    "vendor": "Apple",
    "versions": [
      {
        "lessThan": "10.15",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
seclists	www.seclists.org/fulldisclosure/2020/Nov/19
support	www.support.apple.com/kb/HT211843
support	www.support.apple.com/en-us/HT211849
seclists	www.seclists.org/fulldisclosure/2020/Nov/21
support	www.support.apple.com/kb/HT211935
seclists	www.seclists.org/fulldisclosure/2020/Nov/20
support	www.support.apple.com/kb/HT211850
seclists	www.seclists.org/fulldisclosure/2020/Nov/22
support	www.support.apple.com/kb/HT211844
support	www.support.apple.com/kb/HT211952

21 Nov 2024 05:41Current

7.4High risk

Vulners AI Score7.4

CVSS 26.8

CVSS 3.17.8

EPSS0.00275

CWE-125