Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
606
VMScore

CVE-2020-9802

Published: 09/06/2020 Updated: 09/01/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 606
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Apple

Vulnerability Summary

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple icloud

apple itunes

apple safari

apple iphone os

apple watchos

apple tvos

apple ipados

Vendor Advisories

Debian Security Advisories: DSA-4724-1 webkit2gtk -- security update
The following vulnerabilities have been discovered in the webkit2gtk web engine: CVE-2020-9802 Samuel Gross discovered that processing maliciously crafted web content may lead to arbitrary code execution CVE-2020-9803 Wen Xu discovered that processing maliciously crafted web content may lead to arbitrary code execution CVE-2020-9 ...
Red Hat: Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update
Synopsis Moderate: OpenShift Container Platform 46 compliance-operator security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for compliance-content-container, ose-compliance-openscap-container, ose-compliance-operator-container, and ose-compliance-operator-metadata-container ...
Red Hat: Moderate: GNOME security, bug fix, and enhancement update
Synopsis Moderate: GNOME security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for GNOME is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ...
Red Hat: Moderate: Red Hat Quay v3.3.3 bug fix and security update
Synopsis Moderate: Red Hat Quay v333 bug fix and security update Type/Severity Security Advisory: Moderate Topic Red Hat Quay v333 is now available with bug fixes and security updatesRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring S ...
Red Hat: Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update
Synopsis Moderate: OpenShift Container Platform 46 compliance-operator security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for compliance-content-container, ose-compliance-openscap-container, ose-compliance-operator-container, and ose-compliance-operator-metadata-container ...
Red Hat: Moderate: OpenShift Container Platform 4.10.3 security update
Synopsis Moderate: OpenShift Container Platform 4103 security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 4103 is now available withupdates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security impact of ...
Red Hat: Moderate: Red Hat OpenShift Container Storage 4.6.0 security, bug fix, enhancement update
Synopsis Moderate: Red Hat OpenShift Container Storage 460 security, bug fix, enhancement update Type/Severity Security Advisory: Moderate Topic Updated images are now available for Red Hat OpenShift Container Storage 460 on Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as ha ...
Red Hat: Important: Service Telemetry Framework 1.4 security update
Synopsis Important: Service Telemetry Framework 14 security update Type/Severity Security Advisory: Important Topic An update is now available for Service Telemetry Framework 14 for RHEL 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which g ...
Arch Linux Issues:
Severity Unknown Remote Unknown Type Unknown Description AVG-1203 webkit2gtk 2282-2 2283-1 Unknown Fixed ...

Exploits

Exploit DB: JSC JIT Out-Of-Bounds Access
The DFG and FTL JIT compilers incorrectly replace Checked with Unchecked ArithNegate operations (and vice versa) during Common Subexpression Elimination This can then be exploited to cause out-of-bounds accesses and potentially other memory safety violations ...

Mailing Lists

Full Disclosure: APPLE-SA-2020-05-26-10 iCloud for Windows 7.19
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> APPLE-SA-2020-05-26-10 iCloud for Windows 719 <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Apple Prod ...
Full Disclosure: APPLE-SA-2020-05-26-4 tvOS 13.4.5
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> APPLE-SA-2020-05-26-4 tvOS 1345 <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Apple Product Security ...

Github Repositories

https://github.com/sploitem/WebKitPwn

Some papers and exploit writeups about WebKit.

WebKitPwn Some papers and exploit writeups about WebKit Reading list for VR Architecture Apple Browser Internals WebKit Architecture Writeups A Guide to Assertion Macros in WebKit A New Bytecode Format for JavaScriptCore Apple Safari JavaScriptCore Inspector Type Confusion CVE-2017-2446 or JSC__JSGlobalObject__isHavingABadTime CVE-2018-4441 OOB R_W via JSArray unshiftCountW

https://github.com/Chaos192/test

WebKit PoC Exploit for iOS 1341 on iPhone Xs and Safari 131 on macOS 10154 A proof-of-concept exploit for CVE-2020-9802 The exploit targets WebKit on iOS 1341 on an iPhone Xs Vulnerability CVE-2020-9802 allows OOB access on the JSC heap due to incorrect bounds check elimination due to a bug in CSE With some more fiddling, it is possible to read or write out-of-bounds

Recent Articles

You, Apple Mac fan. Put down the homemade oat-milk latte, you need to patch a load of security bugs, too
The Register • Shaun Nichols in San Francisco • 28 May 2020

Patch Thursday is for you, Patch Tuesday is for everyone else Apple promises third, no, fourth, er, fifth time's a charm when it comes to macOS Catalina: 10.15.5 now out

Apple has alerted users about a bunch of security fixes for its software on supported versions of macOS that you ought to install as soon as you can. For Safari, there are nine CVE-listed patches in version 13.1.1. Six address malicious code execution (CVE-2020-9802, CVE-2020-9800, CVE-2020-9806, CVE-2020-9807, CVE-2020-9850, CVE-2020-9803) that can be achieved by opening a booby-trapped webpage or similar. These were found separately by Samuel Groß of Google Project Zero; Brendan Draper workin...

Read more...

References

NVD-CWE-noinfohttps://support.apple.com/HT211177https://support.apple.com/HT211178https://support.apple.com/HT211168https://support.apple.com/HT211179https://support.apple.com/HT211181https://support.apple.com/HT211171https://support.apple.com/HT211175https://nvd.nist.govhttps://www.debian.org/security/2020/dsa-4724https://github.com/sploitem/WebKitPwn
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook