Details of VAR-202002-1152

ID

VAR-202002-1152

CVE

CVE-2020-3825

TITLE

plural Apple Product Corruption Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-002304

DESCRIPTION

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution. Apple Safari, etc. are all products of Apple (Apple). Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple tvOS is a smart TV operating system. The product supports storage of music, photos, App and contacts, etc. WebKit is one of the web browser engine components. A security vulnerability exists in the WebKit component of several Apple products. The following products and versions are affected: Windows-based iCloud versions prior to 10.9.2 and 7.17; Windows-based iTunes versions prior to 12.10.4; Apple tvOS versions prior to 13.3.1; Safari versions prior to 13.0.5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-1-29-2 iCloud for Windows 10.9.2 iCloud for Windows 10.9.2 is now available and addresses the following: ImageIO Available for: Windows 10 and later via the Microsoft Store Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-3826: Samuel Groß of Google Project Zero libxml2 Available for: Windows 10 and later via the Microsoft Store Impact: Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow was addressed with improved size validation. CVE-2020-3846: Ranier Vilela WebKit Available for: Windows 10 and later via the Microsoft Store Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management. CVE-2020-3825: Przemysław Sporysz of Euvic CVE-2020-3868: Marcin Towalski of Cisco Talos WebKit Available for: Windows 10 and later via the Microsoft Store Impact: A malicious website may be able to cause a denial of service Description: A denial of service issue was addressed with improved memory handling. CVE-2020-3865: Ryan Pickren (ryanpickren.com) Installation note: iCloud for Windows 10.9.2 may be obtained from: https://support.apple.com/HT204283 Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl4x9jMACgkQBz4uGe3y 0M1Apw/+PrQvBheHkxIo2XjPOyTxO+M8mlaU+6gY7Ue14zivPO20JqRLb34FyNfh iE+RSJ3NB/0cdZIUH1xcrKzK+tmVFVETJaBmLmoTHBy3946DQtUvditLfTHYnYzC peJbdG4UyevVwf/AoED5iI89lf/ADOWm9Xu0LVtvDKyTAFewQp9oOlG731twL9iI 6ojuzYokYzJSWcDlLMTFB4sDpZsNEz2Crf+WZ44r5bHKcSTi7HzS+OPueQ6dSdqi Y9ioDv/SB0dnLJZE2wq6eaFL2t7eXelYUSL7SekXI4aYQkhaOQFabutFuYNoOX4e +ctnbSdVT5WjG7tyg9L7bl4m1q8GgH43OLBmA1Z/gps004PHMQ87cRRjvGGKIQOf YMI0VBqFc6cAnDYh4Oun31gbg9Y1llYYwTQex7gjx9U+v3FKOaxWxQg8N9y4d2+v qsStr7HKVKcRE/LyEx4fA44VoKNHyHZ4LtQSeX998MTapyH5XbbHEWr/K4TcJ8ij 6Zv/GkUKeINDJbRFhiMJtGThTw5dba5sfHfVv88NrbNYcwwVQrvlkfMq8Jrn0YEf rahjCDLigXXbyaqxM57feJ9+y6jHpULeywomGv+QEzyALTdGKIaq7w1pwLdOHizi Lcxvr8FxmUxydrvFJSUDRa9ELigIsLmgPB3l1UiUmd3AQ38ymJw= =tRpr -----END PGP SIGNATURE-----=

Trust: 1.89

sources: NVD: CVE-2020-3825 // JVNDB: JVNDB-2020-002304 // VULHUB: VHN-181950 // PACKETSTORM: 156153 // PACKETSTORM: 156152

AFFECTED PRODUCTS

vendor:	apple	model:	icloud	scope:	lt	version:	11.0	Trust: 1.0
vendor:	apple	model:	ipados	scope:	lt	version:	13.3.1	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lt	version:	13.3.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	lt	version:	3.0.5	Trust: 1.0
vendor:	apple	model:	itunes	scope:	lt	version:	12.10.4	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	13.3.1	Trust: 1.0
vendor:	apple	model:	ios	scope:	eq	version:	13.3.1 未満 (ipod touch 第 7 世代)	Trust: 0.8
vendor:	apple	model:	ios	scope:	eq	version:	13.3.1 未満 (iphone 6s 以降)	Trust: 0.8
vendor:	apple	model:	safari	scope:	eq	version:	13.0.5 未満 (macos mojave)	Trust: 0.8
vendor:	apple	model:	safari	scope:	eq	version:	13.0.5 未満 (macos high sierra)	Trust: 0.8
vendor:	apple	model:	ipados	scope:	eq	version:	13.3.1 未満 (ipad air 2 以降)	Trust: 0.8
vendor:	apple	model:	icloud	scope:	eq	version:	for windows 7.17 未満 (windows 7 以降)	Trust: 0.8
vendor:	apple	model:	tvos	scope:	eq	version:	13.3.1 未満 (apple tv hd)	Trust: 0.8
vendor:	apple	model:	tvos	scope:	eq	version:	13.3.1 未満 (apple tv 4k)	Trust: 0.8
vendor:	apple	model:	ipados	scope:	eq	version:	13.3.1 未満 (ipad mini 4 以降)	Trust: 0.8
vendor:	apple	model:	itunes	scope:	eq	version:	for windows 12.10.4 未満 (windows 7 以降)	Trust: 0.8
vendor:	apple	model:	safari	scope:	eq	version:	13.0.5 未満 (macos catalina)	Trust: 0.8
vendor:	apple	model:	icloud	scope:	eq	version:	for windows 10.9.2 未満 (windows 10 以降)	Trust: 0.8

sources: JVNDB: JVNDB-2020-002304 // NVD: CVE-2020-3825

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-3825
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2020-002304
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202001-1410
value:	HIGH
Trust: 0.6
VULHUB:	VHN-181950
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-3825
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2020-002304
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-181950
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-3825
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	JVNDB-2020-002304
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-181950 // JVNDB: JVNDB-2020-002304 // CNNVD: CNNVD-202001-1410 // NVD: CVE-2020-3825

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.1
problemtype:	CWE-119	Trust: 0.9

sources: VULHUB: VHN-181950 // JVNDB: JVNDB-2020-002304 // NVD: CVE-2020-3825

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202001-1410

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202001-1410

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-002304

PATCH

title:	HT210923	url:	https://support.apple.com/en-us/HT210923	Trust: 0.8
title:	HT210947	url:	https://support.apple.com/en-us/HT210947	Trust: 0.8
title:	HT210948	url:	https://support.apple.com/en-us/HT210948	Trust: 0.8
title:	HT210918	url:	https://support.apple.com/en-us/HT210918	Trust: 0.8
title:	HT210920	url:	https://support.apple.com/en-us/HT210920	Trust: 0.8
title:	HT210922	url:	https://support.apple.com/en-us/HT210922	Trust: 0.8
title:	HT210947	url:	https://support.apple.com/ja-jp/HT210947	Trust: 0.8
title:	HT210948	url:	https://support.apple.com/ja-jp/HT210948	Trust: 0.8
title:	HT210918	url:	https://support.apple.com/ja-jp/HT210918	Trust: 0.8
title:	HT210920	url:	https://support.apple.com/ja-jp/HT210920	Trust: 0.8
title:	HT210922	url:	https://support.apple.com/ja-jp/HT210922	Trust: 0.8
title:	HT210923	url:	https://support.apple.com/ja-jp/HT210923	Trust: 0.8
title:	Multiple Apple product WebKit Fix for component buffer error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110870	Trust: 0.6

sources: JVNDB: JVNDB-2020-002304 // CNNVD: CNNVD-202001-1410

EXTERNAL IDS

db:	NVD	id:	CVE-2020-3825	Trust: 2.7
db:	PACKETSTORM	id:	156153	Trust: 0.8
db:	JVN	id:	JVNVU95678717	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-002304	Trust: 0.8
db:	CNNVD	id:	CNNVD-202001-1410	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.0346	Trust: 0.6
db:	PACKETSTORM	id:	156152	Trust: 0.2
db:	VULHUB	id:	VHN-181950	Trust: 0.1

sources: VULHUB: VHN-181950 // JVNDB: JVNDB-2020-002304 // PACKETSTORM: 156153 // PACKETSTORM: 156152 // CNNVD: CNNVD-202001-1410 // NVD: CVE-2020-3825

REFERENCES

url:	https://support.apple.com/ht210947	Trust: 1.7
url:	https://support.apple.com/ht210948	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3825	Trust: 1.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3825	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu95678717/	Trust: 0.8
url:	https://support.apple.com/en-au/ht210795	Trust: 0.6
url:	https://support.apple.com/en-au/ht210794	Trust: 0.6
url:	https://support.apple.com/en-us/ht210947	Trust: 0.6
url:	https://packetstormsecurity.com/files/156153/apple-security-advisory-2020-1-29-1.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0346/	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3826	Trust: 0.2
url:	https://support.apple.com/ht204283	Trust: 0.2
url:	https://support.apple.com/kb/ht201222	Trust: 0.2
url:	https://www.apple.com/support/security/pgp/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3865	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3867	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3868	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3862	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3846	Trust: 0.2

sources: VULHUB: VHN-181950 // JVNDB: JVNDB-2020-002304 // PACKETSTORM: 156153 // PACKETSTORM: 156152 // CNNVD: CNNVD-202001-1410 // NVD: CVE-2020-3825

CREDITS

Apple,Przemysław Sporysz of Euvic

Trust: 0.6

sources: CNNVD: CNNVD-202001-1410

SOURCES

db:	VULHUB	id:	VHN-181950
db:	JVNDB	id:	JVNDB-2020-002304
db:	PACKETSTORM	id:	156153
db:	PACKETSTORM	id:	156152
db:	CNNVD	id:	CNNVD-202001-1410
db:	NVD	id:	CVE-2020-3825

LAST UPDATE DATE

2024-08-14T12:42:29.713000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-181950	date:	2021-07-21T00:00:00
db:	JVNDB	id:	JVNDB-2020-002304	date:	2020-03-11T00:00:00
db:	CNNVD	id:	CNNVD-202001-1410	date:	2021-10-29T00:00:00
db:	NVD	id:	CVE-2020-3825	date:	2021-07-21T11:39:23.747

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-181950	date:	2020-02-27T00:00:00
db:	JVNDB	id:	JVNDB-2020-002304	date:	2020-03-11T00:00:00
db:	PACKETSTORM	id:	156153	date:	2020-01-30T14:46:35
db:	PACKETSTORM	id:	156152	date:	2020-01-30T14:46:23
db:	CNNVD	id:	CNNVD-202001-1410	date:	2020-01-30T00:00:00
db:	NVD	id:	CVE-2020-3825	date:	2020-02-27T21:15:15.850