CVE-2020-9961

Published: Oct 27, 2020Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.

Affected (34)

Products: Apple: Icloud, Ipados, Iphone Os, Itunes, Mac Os X, Tvos, Watchos

7 products

Configuration A

34 vulnerable

Vulnerable Software	Affected Versions
Apple Icloud	Before 11.5
Apple Ipados	Before 14.0
Apple Iphone Os	Before 14.0
Apple Itunes	Before 12.10.9
Apple Mac Os X	From 10.13 to 10.13.6
Apple Mac Os X	From 10.14 to 10.14.6
Apple Mac Os X	From 10.15 to 10.15.7
Apple Mac Os X	Version 10.13.6
Apple Mac Os X	Version 10.13.6 security_update_2018-002
Apple Mac Os X	Version 10.13.6 security_update_2018-003
Apple Mac Os X	Version 10.13.6 security_update_2019-001
Apple Mac Os X	Version 10.13.6 security_update_2019-002
Apple Mac Os X	Version 10.13.6 security_update_2019-003
Apple Mac Os X	Version 10.13.6 security_update_2019-004
Apple Mac Os X	Version 10.13.6 security_update_2019-005
Apple Mac Os X	Version 10.13.6 security_update_2019-006
Apple Mac Os X	Version 10.13.6 security_update_2019-007
Apple Mac Os X	Version 10.13.6 security_update_2020-001
Apple Mac Os X	Version 10.13.6 security_update_2020-002
Apple Mac Os X	Version 10.13.6 security_update_2020-003
Apple Mac Os X	Version 10.13.6 security_update_2020-004
Apple Mac Os X	Version 10.14.6
Apple Mac Os X	Version 10.14.6 security_update_2019-001
Apple Mac Os X	Version 10.14.6 security_update_2019-002
Apple Mac Os X	Version 10.14.6 security_update_2019-004
Apple Mac Os X	Version 10.14.6 security_update_2019-005
Apple Mac Os X	Version 10.14.6 security_update_2019-006
Apple Mac Os X	Version 10.14.6 security_update_2019-007
Apple Mac Os X	Version 10.14.6 security_update_2020-001
Apple Mac Os X	Version 10.14.6 security_update_2020-002
Apple Mac Os X	Version 10.14.6 security_update_2020-003
Apple Mac Os X	Version 10.14.6 security_update_2020-004
Apple Tvos	Before 14.0
Apple Watchos	Before 7.0