Showing posts with label CVE-2020-9826. Show all posts
Showing posts with label CVE-2020-9826. Show all posts

Ajay Verma , , , , , , 01:58
Severity Rating: High 
Software Affected 
•Apple macOS Catalina versions prior to 10.15.4
•Apple macOS Mojave versions prior to 10.14.6
•Apple macOS High Sierra versions prior to 10.13.6

Overview 
Multiple vulnerabilities have been reported in Apple macOS which could be
exploited by an attacker to execute arbitrary code, bypass security
restrictions, disclose sensitive information, gain elevated privileges,
cause a kernel panic or cause denial of service conditions. 

Description
Multiple vulnerabilities exist in Apple macOS due to improper validation of
user-supplied input, error while parsing input, memory corruption issues,
improper bounds checking, improper state management, out-of-bounds read
errors, out-of-bounds write errors, use-after-free error, logic issues
while applying restrictions, or improper validation of symlinks. A remote
attacker could exploit these vulnerabilities by persuading the user to open
a specially crafted webpage. 

Successful exploitation of these vulnerabilities could allow the attacker
to execute arbitrary code, bypass security restrictions, disclose sensitive
information, gain elevated privileges, cause a kernel panic or cause denial
of service conditions.

Solution 
Apply appropriate security updates as mentioned in the   Apple Security
Update 

Vendor Information
Apple

References
Apple

CVE Name
CVE-2020-9827
CVE-2020-9772
CVE-2020-9826
CVE-2020-9842
CVE-2020-9804
CVE-2020-9815
CVE-2020-9856
CVE-2020-9791
CVE-2020-9831
CVE-2020-3882
CVE-2020-9847
CVE-2020-9855
CVE-2020-9816
CVE-2020-3878
CVE-2020-9789
CVE-2020-9790
CVE-2020-9822
CVE-2020-9837
CVE-2020-9821
CVE-2020-9797
CVE-2020-9852
CVE-2020-9795
CVE-2020-9808
CVE-2020-9811
CVE-2020-9812
CVE-2020-9813
CVE-2020-9814
CVE-2020-9809
CVE-2019-14868
CVE-2020-9857
CVE-2020-9817
CVE-2020-9851
CVE-2020-9793
CVE-2020-9825
CVE-2020-9771
CVE-2020-9788
CVE-2020-9824
CVE-2020-9794
CVE-2020-9839
CVE-2020-9792
CVE-2020-9844
CVE-2020-9830
CVE-2020-9834
CVE-2020-9833
CVE-2020-9832
CVE-2020-9841
CVE-2019-20044
CVE-2020-9828
Read more [..]

Ajay Verma , , , , , , , , 01:56
Severity Rating: High
Software Affected
Apple iOS and iPadOS versions prior to 13.5
Apple iOS versions prior to 12.4.7
Overview
Multiple vulnerabilities have been reported in Apple iOS and iPadOS which
could allow a remote attacker to cause denial of service conditions,
execute arbitrary code with kernel privileges, access sensitive
information, access and modify memory, cause memory corruption, modify the
file system, bypass security restrictions, gain elevated privileges or
perform cross site scripting attacks on a targeted system.

Description
These vulnerabilities exist due to multiple memory corruption issues,
out-of-bounds read and write errors, improper input sanitization, improper
input validation, improper parsing, use of a pseudorandom number generator
(PRNG) with low entropy, insufficient sandbox restrictions, improper state
management, improper memory handling, race condition, integer overflow,
type confusion, use after free, double free and other logical errors in
Accounts, AirDrop, AppleMobileFileIntegrity, Audio, Bluetooth, CoreText,
FaceTime, File System, FontParser, ImageIO, IPSec, Kernel, Mail, Messages,
Notifications, Sandbox, SQLite, System Preferences, USB Audio, WebKit,
WebRTC and Wi-Fi components of iOSand iPadOS. 
Successful exploitation of these vulnerabilities could allow the attacker
to cause denial of service conditions, execute arbitrary code with kernel
privileges, access sensitive information, access and modify memory, cause
memory corruption,modify the file system, bypass security restrictions,
gain elevated privileges or perform cross site scripting attacks on the
targeted system.

Solution
Apply appropriate security updates as mentioned in the   Apple Security
Updates

Vendor Information
Apple

References
Tenable

CISecurity
cts-could-allow-for-arbitrary-code-execution_2020-072/

CVE Name
CVE-2020-9827
CVE-2020-9826
CVE-2020-9842
CVE-2020-9815
CVE-2020-9791
CVE-2020-6616
CVE-2020-9838
CVE-2020-9829
CVE-2020-9835
CVE-2020-9820
CVE-2020-9816
CVE-2020-3878
CVE-2020-9789
CVE-2020-9790
CVE-2020-9837
CVE-2020-9821
CVE-2020-9797
CVE-2020-9852
CVE-2020-9795
CVE-2020-9808
CVE-2020-9811
CVE-2020-9812
CVE-2020-9813
CVE-2020-9814
CVE-2020-9809
CVE-2020-9819
CVE-2020-9818
CVE-2020-9823
CVE-2020-9848
CVE-2020-9825
CVE-2020-9794
CVE-2020-9839
CVE-2020-9792
CVE-2020-9805
CVE-2020-9802
CVE-2020-9850
CVE-2020-9843
CVE-2020-9803
CVE-2020-9806
CVE-2020-9807
CVE-2020-9800
CVE-2019-20503
CVE-2020-9844
CVE-2020-3843
Read more [..]
Subscribe to: Posts ( Atom )

© Copyright 2020. Designed By Templateify

© Copyright 2020. Ud64

Scroll to Top