Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
828
VMScore

CVE-2020-9789

Published: 09/06/2020 Updated: 09/01/2023
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple mac os x

apple icloud

apple itunes

apple iphone os

apple watchos

apple tvos

apple ipados

Mailing Lists

Full Disclosure: APPLE-SA-2020-05-26-10 iCloud for Windows 7.19
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-05-26-10 iCloud for Windows 719 iCloud for Windows 719 is now available and addresses the following: ImageIO Available for: Windows 7 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed ...
Full Disclosure: APPLE-SA-2020-05-26-1 iOS 13.5 and iPadOS 13.5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-05-26-1 iOS 135 and iPadOS 135 iOS 135 and iPadOS 135 address the following: Accounts Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause a denial of service Description: A de ...
Full Disclosure: APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-05-26-3 macOS Catalina 10155, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra macOS Catalina 10155, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra are now available and address the following: Accounts Available for: macOS Catalina 1015 ...
Full Disclosure: APPLE-SA-2020-05-26-4 tvOS 13.4.5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-05-26-4 tvOS 1345 tvOS 1345 addresses the following: Accounts Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation CVE-2020-9827: Jannik Lo ...
Full Disclosure: APPLE-SA-2020-05-26-9 iCloud for Windows 11.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-05-26-9 iCloud for Windows 112 iCloud for Windows 112 is now available and addresses the following: ImageIO Available for: Windows 10 and later via the Microsoft Store Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds w ...
Full Disclosure: APPLE-SA-2020-05-26-8 iTunes 12.10.7 for Windows
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-05-26-8 iTunes 12107 for Windows iTunes 12107 for Windows addresses the following: ImageIO Available for: Windows 7 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved b ...
Full Disclosure: APPLE-SA-2020-05-26-5 watchOS 6.2.5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-05-26-5 watchOS 625 watchOS 625 addresses the following: Accounts Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause a denial of service Description: A denial of service issue was addressed with improved input validation CVE-2020-9827: Ja ...

References

CWE-787https://support.apple.com/HT211178https://support.apple.com/HT211168https://support.apple.com/HT211179https://support.apple.com/HT211170https://support.apple.com/HT211181https://support.apple.com/HT211171https://support.apple.com/HT211175https://nvd.nist.govhttp://seclists.org/fulldisclosure/2020/May/57
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995CVE-2024-36680CVE-2024-35537unauthorizedCVE-2024-21518CVE-2024-37673cross-site scriptingSSRFCVE-2024-6241
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook