CVE-2020-9794high
Description
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A malicious application may cause a denial of service or potentially disclose memory contents.
References
https://support.apple.com/HT211178
https://support.apple.com/HT211168
https://support.apple.com/HT211179
https://support.apple.com/HT211170
https://support.apple.com/HT211181
https://support.apple.com/HT211171
https://support.apple.com/HT211175
https://lists.apache.org/thread.html/[email protected]%3Cdev.mina.apache.org%3E
Details
Source: MITRE
Published: 2020-06-09
Updated: 2023-01-09
Type: CWE-125
Risk Information
CVSS v2
Base Score: 5.8
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P
Impact Score: 4.9
Exploitability Score: 8.6
Severity: MEDIUM
CVSS v3
Base Score: 8.1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Impact Score: 5.2
Exploitability Score: 2.8
Severity: HIGH