ID

VAR-202002-1152


CVE

CVE-2020-3825


TITLE

plural Apple Product Corruption Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-002304

DESCRIPTION

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution. Apple Safari, etc. are all products of Apple (Apple). Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple tvOS is a smart TV operating system. The product supports storage of music, photos, App and contacts, etc. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Windows-based iCloud versions prior to 10.9.2 and 7.17; Windows-based iTunes versions prior to 12.10.4; Apple tvOS versions prior to 13.3.1; Safari versions prior to 13.0.5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2 iCloud for Windows 10.9.2 is now available and addresses the following: ImageIO Available for: Windows 10 and later via the Microsoft Store Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-3826: Samuel Groß of Google Project Zero libxml2 Available for: Windows 10 and later via the Microsoft Store Impact: Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow was addressed with improved size validation. CVE-2020-3846: Ranier Vilela WebKit Available for: Windows 10 and later via the Microsoft Store Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management. CVE-2020-3825: Przemysław Sporysz of Euvic CVE-2020-3868: Marcin Towalski of Cisco Talos WebKit Available for: Windows 10 and later via the Microsoft Store Impact: A malicious website may be able to cause a denial of service Description: A denial of service issue was addressed with improved memory handling. CVE-2020-3865: Ryan Pickren (ryanpickren.com) Installation note: iCloud for Windows 10.9.2 may be obtained from: https://support.apple.com/HT204283 Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl4x9jMACgkQBz4uGe3y 0M1Apw/+PrQvBheHkxIo2XjPOyTxO+M8mlaU+6gY7Ue14zivPO20JqRLb34FyNfh iE+RSJ3NB/0cdZIUH1xcrKzK+tmVFVETJaBmLmoTHBy3946DQtUvditLfTHYnYzC peJbdG4UyevVwf/AoED5iI89lf/ADOWm9Xu0LVtvDKyTAFewQp9oOlG731twL9iI 6ojuzYokYzJSWcDlLMTFB4sDpZsNEz2Crf+WZ44r5bHKcSTi7HzS+OPueQ6dSdqi Y9ioDv/SB0dnLJZE2wq6eaFL2t7eXelYUSL7SekXI4aYQkhaOQFabutFuYNoOX4e +ctnbSdVT5WjG7tyg9L7bl4m1q8GgH43OLBmA1Z/gps004PHMQ87cRRjvGGKIQOf YMI0VBqFc6cAnDYh4Oun31gbg9Y1llYYwTQex7gjx9U+v3FKOaxWxQg8N9y4d2+v qsStr7HKVKcRE/LyEx4fA44VoKNHyHZ4LtQSeX998MTapyH5XbbHEWr/K4TcJ8ij 6Zv/GkUKeINDJbRFhiMJtGThTw5dba5sfHfVv88NrbNYcwwVQrvlkfMq8Jrn0YEf rahjCDLigXXbyaqxM57feJ9+y6jHpULeywomGv+QEzyALTdGKIaq7w1pwLdOHizi Lcxvr8FxmUxydrvFJSUDRa9ELigIsLmgPB3l1UiUmd3AQ38ymJw= =tRpr -----END PGP SIGNATURE-----=

Trust: 1.89

sources: NVD: CVE-2020-3825 // JVNDB: JVNDB-2020-002304 // VULHUB: VHN-181950 // PACKETSTORM: 156153 // PACKETSTORM: 156152

AFFECTED PRODUCTS

vendor:applemodel:icloudscope:ltversion:11.0

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:13.3.1

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:13.3.1

Trust: 1.0

vendor:applemodel:safariscope:ltversion:3.0.5

Trust: 1.0

vendor:applemodel:itunesscope:ltversion:12.10.4

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:13.3.1

Trust: 1.0

vendor:applemodel:iosscope:eqversion:13.3.1 未満 (ipod touch 第 7 世代)

Trust: 0.8

vendor:applemodel:iosscope:eqversion:13.3.1 未満 (iphone 6s 以降)

Trust: 0.8

vendor:applemodel:safariscope:eqversion:13.0.5 未満 (macos mojave)

Trust: 0.8

vendor:applemodel:safariscope:eqversion:13.0.5 未満 (macos high sierra)

Trust: 0.8

vendor:applemodel:ipadosscope:eqversion:13.3.1 未満 (ipad air 2 以降)

Trust: 0.8

vendor:applemodel:icloudscope:eqversion:for windows 7.17 未満 (windows 7 以降)

Trust: 0.8

vendor:applemodel:tvosscope:eqversion:13.3.1 未満 (apple tv hd)

Trust: 0.8

vendor:applemodel:tvosscope:eqversion:13.3.1 未満 (apple tv 4k)

Trust: 0.8

vendor:applemodel:ipadosscope:eqversion:13.3.1 未満 (ipad mini 4 以降)

Trust: 0.8

vendor:applemodel:itunesscope:eqversion:for windows 12.10.4 未満 (windows 7 以降)

Trust: 0.8

vendor:applemodel:safariscope:eqversion:13.0.5 未満 (macos catalina)

Trust: 0.8

vendor:applemodel:icloudscope:eqversion:for windows 10.9.2 未満 (windows 10 以降)

Trust: 0.8

sources: JVNDB: JVNDB-2020-002304 // NVD: CVE-2020-3825

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3825
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-002304
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202001-1410
value: HIGH

Trust: 0.6

VULHUB: VHN-181950
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3825
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-002304
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-181950
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3825
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-002304
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181950 // JVNDB: JVNDB-2020-002304 // CNNVD: CNNVD-202001-1410 // NVD: CVE-2020-3825

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:CWE-119

Trust: 0.9

sources: VULHUB: VHN-181950 // JVNDB: JVNDB-2020-002304 // NVD: CVE-2020-3825

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202001-1410

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202001-1410

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-002304

PATCH

title:HT210923url:https://support.apple.com/en-us/HT210923

Trust: 0.8

title:HT210947url:https://support.apple.com/en-us/HT210947

Trust: 0.8

title:HT210948url:https://support.apple.com/en-us/HT210948

Trust: 0.8

title:HT210918url:https://support.apple.com/en-us/HT210918

Trust: 0.8

title:HT210920url:https://support.apple.com/en-us/HT210920

Trust: 0.8

title:HT210922url:https://support.apple.com/en-us/HT210922

Trust: 0.8

title:HT210947url:https://support.apple.com/ja-jp/HT210947

Trust: 0.8

title:HT210948url:https://support.apple.com/ja-jp/HT210948

Trust: 0.8

title:HT210918url:https://support.apple.com/ja-jp/HT210918

Trust: 0.8

title:HT210920url:https://support.apple.com/ja-jp/HT210920

Trust: 0.8

title:HT210922url:https://support.apple.com/ja-jp/HT210922

Trust: 0.8

title:HT210923url:https://support.apple.com/ja-jp/HT210923

Trust: 0.8

title:Multiple Apple product WebKit Fix for component buffer error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110870

Trust: 0.6

sources: JVNDB: JVNDB-2020-002304 // CNNVD: CNNVD-202001-1410

EXTERNAL IDS

db:NVDid:CVE-2020-3825

Trust: 2.7

db:PACKETSTORMid:156153

Trust: 0.8

db:JVNid:JVNVU95678717

Trust: 0.8

db:JVNDBid:JVNDB-2020-002304

Trust: 0.8

db:CNNVDid:CNNVD-202001-1410

Trust: 0.7

db:AUSCERTid:ESB-2020.0346

Trust: 0.6

db:PACKETSTORMid:156152

Trust: 0.2

db:VULHUBid:VHN-181950

Trust: 0.1

sources: VULHUB: VHN-181950 // JVNDB: JVNDB-2020-002304 // PACKETSTORM: 156153 // PACKETSTORM: 156152 // CNNVD: CNNVD-202001-1410 // NVD: CVE-2020-3825

REFERENCES

url:https://support.apple.com/ht210947

Trust: 1.7

url:https://support.apple.com/ht210948

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-3825

Trust: 1.6

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3825

Trust: 0.8

url:https://jvn.jp/vu/jvnvu95678717/

Trust: 0.8

url:https://support.apple.com/en-au/ht210795

Trust: 0.6

url:https://support.apple.com/en-au/ht210794

Trust: 0.6

url:https://support.apple.com/en-us/ht210947

Trust: 0.6

url:https://packetstormsecurity.com/files/156153/apple-security-advisory-2020-1-29-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0346/

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-3826

Trust: 0.2

url:https://support.apple.com/ht204283

Trust: 0.2

url:https://support.apple.com/kb/ht201222

Trust: 0.2

url:https://www.apple.com/support/security/pgp/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-3865

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-3867

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-3868

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-3862

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-3846

Trust: 0.2

sources: VULHUB: VHN-181950 // JVNDB: JVNDB-2020-002304 // PACKETSTORM: 156153 // PACKETSTORM: 156152 // CNNVD: CNNVD-202001-1410 // NVD: CVE-2020-3825

CREDITS

Apple,Przemysław Sporysz of Euvic

Trust: 0.6

sources: CNNVD: CNNVD-202001-1410

SOURCES

db:VULHUBid:VHN-181950
db:JVNDBid:JVNDB-2020-002304
db:PACKETSTORMid:156153
db:PACKETSTORMid:156152
db:CNNVDid:CNNVD-202001-1410
db:NVDid:CVE-2020-3825

LAST UPDATE DATE

2024-08-14T12:42:29.713000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-181950date:2021-07-21T00:00:00
db:JVNDBid:JVNDB-2020-002304date:2020-03-11T00:00:00
db:CNNVDid:CNNVD-202001-1410date:2021-10-29T00:00:00
db:NVDid:CVE-2020-3825date:2021-07-21T11:39:23.747

SOURCES RELEASE DATE

db:VULHUBid:VHN-181950date:2020-02-27T00:00:00
db:JVNDBid:JVNDB-2020-002304date:2020-03-11T00:00:00
db:PACKETSTORMid:156153date:2020-01-30T14:46:35
db:PACKETSTORMid:156152date:2020-01-30T14:46:23
db:CNNVDid:CNNVD-202001-1410date:2020-01-30T00:00:00
db:NVDid:CVE-2020-3825date:2020-02-27T21:15:15.850