CVE-2020-9879

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may...

CVE-2020-9882

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution...

CVE-2020-9882

CVE-2020-9882 involves a buffer overflow in processing a malicious USD file, fixed in Apple updates: iOS 13.6, iPadOS 13.6, macOS Catalina 10.15.6, and watchOS 6.2.8. Root cause: improved memory handling to address a memory-corruption risk. Affected products include Apple platforms listed above; ...

CVE-2020-9880

CVE-2020-9880 describes a buffer overflow in Apple’s Model I/O handling of USD files. The root cause is an overflow that was addressed by improved bounds checking. Affected products include iOS/iPadOS, macOS Catalina, tvOS, and watchOS: specifically iOS 13.6 / iPadOS 13.6, macOS Catalina 10.15.6,...

CVE-2020-9880

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution...

CVE-2020-9883

CVE-2020-9883 is a buffer overflow affecting image handling in Apple platforms (CoreGraphics/ImageIO). The vulnerability allows arbitrary code execution when processing a malicious image. Apple fixed it in iOS 13.6/iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, and related Windo...

CVE-2020-9883

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead t...

CVE-2020-9881

CVE-2020-9881 is a buffer overflow vulnerability in Apple's USD file processing path that affects iOS, iPadOS, macOS, and watchOS. The issue stems from improper memory handling when processing a malicious USD file, potentially leading to application termination or arbitrary code execution. Apple ...

CVE-2020-9873

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to...

CVE-2020-9873

CVE-2020-9873 describes an out-of-bounds read in the Apple ImageIO component that could lead to arbitrary code execution when processing a malicious image. The vulnerability is fixed in multiple Apple platform updates, including iOS 13.6 / iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS...

CVE-2020-9877

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to...

CVE-2020-9877

CVE-2020-9877 concerns an out-of-bounds read that was addressed in Apple’s security updates. According to the vendor-supplied details, processing a maliciously crafted image could lead to arbitrary code execution. The fixed versions across affected platforms include iOS 13.6 and iPadOS 13.6, macO...

CVE-2020-9875

CVE-2020-9875 concerns an integer overflow that was addressed by improving input validation. The published details indicate the issue affects Apple’s ImageIO (and related image-processing paths) across macOS/iOS/watchOS/tvOS platforms and associated Windows/iCloud components. The vulnerability co...

CVE-2020-9876

CVE-2020-9876 is an out-of-bounds write in Apple's ImageIO component that can be triggered by processing a malicious PDF. Affected products include macOS/iOSwatch/tvOS/watchOS families via ImageIO, and Windows (iCloud for Windows, iTunes for Windows) and tvOS updates. Public details in connected ...

CVE-2020-9874

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may...

CVE-2020-9871

CVE-2020-9871: An out-of-bounds write in ImageIO (openEXR handling) may allow arbitrary code execution when processing a malicious image. Affected products include Apple OSes and related apps; Apple’s mitigations are in security updates. Remediation: patch in iOS 13.6/iPadOS 13.6, macOS Catalina ...

CVE-2020-9871

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may...

CVE-2020-9868

CVE-2020-9868: A certificate validation issue occurred when processing administrator-added certificates on Apple platforms. The root cause is a validation flaw that could allow impersonation of a trusted website via shared key material associated with an administrator-added certificate. Affected ...

CVE-2020-9868

A certificate validation issue existed when processing administrator added certificates. This issue was addressed with improved certificate validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An attacker may have been able to impersonat...

CVE-2020-9863

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. An application may be able to execute arbitrary code with kernel privileges...