CVE-2020-3868
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.
Published
2020-02-27T21:15:18.210
Last Modified
2024-11-21T05:31:52.097
Status
Modified
Source
[email protected]
Severity
CVSSv3.1: 8.8 (HIGH)
CVSSv2 Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
- Access Vector: NETWORK
- Access Complexity: MEDIUM
- Authentication: NONE
- Confidentiality Impact: COMPLETE
- Integrity Impact: COMPLETE
- Availability Impact: COMPLETE
Exploitability Score
8.6
Impact Score
10.0
Weaknesses
Affected Vendors & Products
References
-
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00004.html
Mailing List, Patch, Third Party Advisory
([email protected])
-
https://security.gentoo.org/glsa/202003-22
Third Party Advisory
([email protected])
-
https://support.apple.com/HT210920
Release Notes, Vendor Advisory
([email protected])
-
https://support.apple.com/HT210947
Release Notes, Vendor Advisory
([email protected])
-
https://support.apple.com/HT210948
Release Notes, Vendor Advisory
([email protected])
-
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00004.html
Mailing List, Patch, Third Party Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://security.gentoo.org/glsa/202003-22
Third Party Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/HT210920
Release Notes, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/HT210947
Release Notes, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)
-
https://support.apple.com/HT210948
Release Notes, Vendor Advisory
(af854a3a-2127-422b-91ae-364da2661108)