ID

VAR-202004-1995


CVE

CVE-2020-3887


TITLE

plural Apple Product logic vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2020-003669

DESCRIPTION

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A download's origin may be incorrectly associated. plural Apple The product contains a logic vulnerability due to a flawed handling of restrictions.Download source may be incorrectly associated. Apple iOS, etc. are all products of Apple (Apple). Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. Apple iPadOS is an operating system for iPad tablets. WebKit is one of the web browser engine components. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements. The following products and versions are affected: Windows-based Apple iCloud versions prior to 7.18 and 10.9.3; Windows-based iTunes versions prior to 12.10.5; iOS versions prior to 13.4; iPadOS versions prior to 13.4; Safari versions prior to 13.1; tvOS Versions prior to 13.4. Installation note: Safari 13.1 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-03-24-1 iOS 13.4 and iPadOS 13.4 iOS 13.4 and iPadOS 13.4 are now available and address the following: ActionKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to use an SSH client provided by private frameworks Description: This issue was addressed with a new entitlement. CVE-2020-3917: Steven Troughton-Smith (@stroughtonsmith) AppleMobileFileIntegrity Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to use arbitrary entitlements Description: This issue was addressed with improved checks. CVE-2020-3883: Linus Henze (pinauten.de) Bluetooth Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic Description: A logic issue was addressed with improved state management. CVE-2020-9770: Jianliang Wu of PurSec Lab of Purdue University, Xinwen Fu and Yue Zhang of the University of Central Florida CoreFoundation Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to elevate privileges Description: A permissions issue existed. CVE-2020-3913: Timo Christ of Avira Operations GmbH & Co. KG Icons Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Setting an alternate app icon may disclose a photo without needing permission to access photos Description: An access issue was addressed with additional sandbox restrictions. CVE-2020-3916: Vitaliy Alekseev (@villy21) Icons Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to identify what other applications a user has installed Description: The issue was addressed with improved handling of icon caches. CVE-2020-9773: Chilik Tamir of Zimperium zLabs Image Processing Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9768: Mohamed Ghannam (@_simo36) IOHIDFamily Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory initialization issue was addressed with improved memory handling. CVE-2020-3919: an anonymous researcher Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2020-3914: pattern-f (@pattern_F_) of WaCai Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed with improved state management. CVE-2020-9785: Proteas of Qihoo 360 Nirvan Team libxml2 Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Multiple issues in libxml2 Description: A buffer overflow was addressed with improved size validation. CVE-2020-3910: LGTM.com libxml2 Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Multiple issues in libxml2 Description: A buffer overflow was addressed with improved bounds checking. CVE-2020-3909: LGTM.com CVE-2020-3911: found by OSS-Fuzz Mail Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A local user may be able to view deleted content in the app switcher Description: The issue was resolved by clearing application previews when content is deleted. CVE-2020-9780: an anonymous researcher, Dimitris Chaintinis Mail Attachments Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Cropped videos may not be shared properly via Mail Description: An issue existed in the selection of video file by Mail. The issue was fixed by selecting the latest version of a video. CVE-2020-9777 Messages Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A person with physical access to a locked iOS device may be able to respond to messages even when replies are disabled Description: A logic issue was addressed with improved state management. CVE-2020-3891: Peter Scott Messages Composition Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Deleted messages groups may still be suggested as an autocompletion Description: The issue was addressed with improved deletion. CVE-2020-3890: an anonymous researcher Safari Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A user's private browsing activity may be unexpectedly saved in Screen Time Description: An issue existed in the handling of tabs displaying picture in picture video. CVE-2020-9775: an anonymous researcher, Marek Wawro (futurefinance.com) and Sambor Wawro of STO64 School Krakow Poland Safari Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A user may grant website permissions to a site they didn't intend to Description: The issue was addressed by clearing website permission prompts after navigation. CVE-2020-9781: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com) Web App Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A maliciously crafted page may interfere with other web contexts Description: A logic issue was addressed with improved restrictions. CVE-2020-3888: Darren Jones of Dappological Ltd. WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to read restricted memory Description: A race condition was addressed with additional validation. CVE-2020-3894: Sergei Glazunov of Google Project Zero WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory consumption issue was addressed with improved memory handling. CVE-2020-3899: found by OSS-Fuzz WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: An input validation issue was addressed with improved input validation. CVE-2020-3902: Yiğit Can YILMAZ (@yilmazcanyigit) WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2020-3895: grigoritchy CVE-2020-3900: Dongzhuo Zhao working with ADLab of Venustech WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2020-3901: Benjamin Randazzo (@____benjamin) WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A download's origin may be incorrectly associated Description: A logic issue was addressed with improved restrictions. CVE-2020-3887: Ryan Pickren (ryanpickren.com) WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to code execution Description: A use after free issue was addressed with improved memory management. CVE-2020-9783: Apple WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2020-3897: Brendan Draper (@6r3nd4n) working with Trend Micro’s Zero Day Initiative WebKit Page Loading Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A file URL may be incorrectly processed Description: A logic issue was addressed with improved restrictions. CVE-2020-3885: Ryan Pickren (ryanpickren.com) Additional recognition FontParser We would like to acknowledge Matthew Denton of Google Chrome for their assistance. Kernel We would like to acknowledge Siguza for their assistance. LinkPresentation We would like to acknowledge Travis for their assistance. Notes We would like to acknowledge Mike DiLoreto for their assistance. rapportd We would like to acknowledge Alexander Heinrich (@Sn0wfreeze) of Technische Universität Darmstadt for their assistance. Safari Reader We would like to acknowledge Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com) for their assistance. Sidecar We would like to acknowledge Rick Backley (@rback_sec) for their assistance. SiriKit We would like to acknowledge Ioan Florescu and Ki Ha Nam for their assistance. WebKit We would like to acknowledge Emilio Cobos Álvarez of Mozilla, Samuel Groß of Google Project Zero, and an anonymous researcher for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 13.4 and iPadOS 13.4". -----BEGIN PGP SIGNATURE----- Version: BCPG v1.64 iQIcBAEDCAAGBQJeekZMAAoJEAc+Lhnt8tDNKCgP/3pVmWn5xSJ/VS0kgOY3XsuF dy80y4fIR+0y0Gx2t06RY/5fROnZWYpCs7TjWg0ZoWF73wplM6nfR19QaS0evqrK KJq46grrKHnhgrmSqCzNiar5uYm6/S3BLCueikeqAX2osMOI/rmWGy0/BFxgv6vL OS6n9n6NO0V9wQQdnOveWMARi0w9M3S07j86T4OUNEw49Z3dNcndP6HYxagQAP1Y 7O26ls+HkgH7mbHxvUN0WqtmTCaOgB4pXeTCrd4d/ev1LTiO4NH00DcaC6a2adhD c7TZO9Ba5H15XVVpkPQqFfiKVfjvQcPrTmKk0mdaLnDOB2ntUnvKplCeZPTFefGw ZidI9SYUnPWJ4ITxji48PcRhbHALW59PYnhHvRRfxyqYhwsNus9i3UZNXkjm5U0D hdDevEztCnkAsqZWq9hvCwDrsIvvlGrueuCC6jqODSNWucod/inOvGZ2N0/rwc/r UtlGyZtQj9rWvZix0daOEWYnwSoV09XuIhUlcEEG/CU1XlVOCAD01n02zIGcLc2C Rm/61L08KcRDRvBLsNEYDgfnvxj2Lsyi2wf8L0VGpkHJkoDifLh64fPYshjhL6t5 OeKelaH5yPeTdu2bs4ispTmlUJ9NYVHxyDeWGdtz4sfCFAji+pK9uFHFh3woVs6U QZLTM48mlSBSN+txWmsZ =K2in -----END PGP SIGNATURE-----

Trust: 2.25

sources: NVD: CVE-2020-3887 // JVNDB: JVNDB-2020-003669 // VULHUB: VHN-182012 // PACKETSTORM: 156947 // PACKETSTORM: 156904 // PACKETSTORM: 156906 // PACKETSTORM: 156946 // PACKETSTORM: 156896 // PACKETSTORM: 156892

AFFECTED PRODUCTS

vendor:applemodel:itunesscope:ltversion:12.10.5

Trust: 1.0

vendor:applemodel:ipad osscope:ltversion:13.4

Trust: 1.0

vendor:applemodel:safariscope:ltversion:13.1

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:13.4

Trust: 1.0

vendor:applemodel:icloudscope:ltversion:7.18

Trust: 1.0

vendor:applemodel:icloudscope:ltversion:10.9.3

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:13.4

Trust: 1.0

vendor:applemodel:icloudscope:gteversion:10.0.0

Trust: 1.0

vendor:applemodel:safariscope:eqversion:13.1 未満 (macos high sierra)

Trust: 0.8

vendor:applemodel:safariscope:eqversion:13.1 未満 (macos mojave)

Trust: 0.8

vendor:applemodel:iosscope:eqversion:13.4 未満 (ipod touch 第 7 世代)

Trust: 0.8

vendor:applemodel:safariscope:eqversion:13.1 未満 (macos catalina)

Trust: 0.8

vendor:applemodel:ipadosscope:eqversion:13.4 未満 (ipad air 2 以降)

Trust: 0.8

vendor:applemodel:icloudscope:eqversion:for windows 7.18 未満 (windows 10 以降)

Trust: 0.8

vendor:applemodel:icloudscope:eqversion:for windows 10.9.3 未満 (windows 7 以降)

Trust: 0.8

vendor:applemodel:itunesscope:eqversion:for windows 12.10.5 未満 (windows 7 以降)

Trust: 0.8

vendor:applemodel:tvosscope:eqversion:13.4 未満 (apple tv 4k)

Trust: 0.8

vendor:applemodel:ipadosscope:eqversion:13.4 未満 (ipad mini 4 以降)

Trust: 0.8

vendor:applemodel:watchosscope:eqversion:6.4 未満 (apple watch series 1 以降)

Trust: 0.8

vendor:applemodel:tvosscope:eqversion:13.4 未満 (apple tv hd)

Trust: 0.8

vendor:applemodel:iosscope:eqversion:13.4 未満 (iphone 6s 以降)

Trust: 0.8

sources: JVNDB: JVNDB-2020-003669 // NVD: CVE-2020-3887

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3887
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-003669
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202003-1564
value: MEDIUM

Trust: 0.6

VULHUB: VHN-182012
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3887
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-003669
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-182012
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3887
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-003669
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-182012 // JVNDB: JVNDB-2020-003669 // CNNVD: CNNVD-202003-1564 // NVD: CVE-2020-3887

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2020-003669 // NVD: CVE-2020-3887

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202003-1564

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202003-1564

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-003669

PATCH

title:HT211107url:https://support.apple.com/en-us/HT211107

Trust: 0.8

title:HT211101url:https://support.apple.com/en-us/HT211101

Trust: 0.8

title:HT211102url:https://support.apple.com/en-us/HT211102

Trust: 0.8

title:HT211104url:https://support.apple.com/en-us/HT211104

Trust: 0.8

title:HT211105url:https://support.apple.com/en-us/HT211105

Trust: 0.8

title:HT211106url:https://support.apple.com/en-us/HT211106

Trust: 0.8

title:HT211101url:https://support.apple.com/ja-jp/HT211101

Trust: 0.8

title:HT211102url:https://support.apple.com/ja-jp/HT211102

Trust: 0.8

title:HT211104url:https://support.apple.com/ja-jp/HT211104

Trust: 0.8

title:HT211105url:https://support.apple.com/ja-jp/HT211105

Trust: 0.8

title:HT211106url:https://support.apple.com/ja-jp/HT211106

Trust: 0.8

title:HT211107url:https://support.apple.com/ja-jp/HT211107

Trust: 0.8

title:Multiple Apple product WebKit Fixes for component security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=112976

Trust: 0.6

sources: JVNDB: JVNDB-2020-003669 // CNNVD: CNNVD-202003-1564

EXTERNAL IDS

db:NVDid:CVE-2020-3887

Trust: 3.1

db:JVNid:JVNVU96545608

Trust: 0.8

db:JVNDBid:JVNDB-2020-003669

Trust: 0.8

db:CNNVDid:CNNVD-202003-1564

Trust: 0.7

db:VULHUBid:VHN-182012

Trust: 0.1

db:PACKETSTORMid:156947

Trust: 0.1

db:PACKETSTORMid:156904

Trust: 0.1

db:PACKETSTORMid:156906

Trust: 0.1

db:PACKETSTORMid:156946

Trust: 0.1

db:PACKETSTORMid:156896

Trust: 0.1

db:PACKETSTORMid:156892

Trust: 0.1

sources: VULHUB: VHN-182012 // JVNDB: JVNDB-2020-003669 // PACKETSTORM: 156947 // PACKETSTORM: 156904 // PACKETSTORM: 156906 // PACKETSTORM: 156946 // PACKETSTORM: 156896 // PACKETSTORM: 156892 // CNNVD: CNNVD-202003-1564 // NVD: CVE-2020-3887

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2020-3887

Trust: 2.0

url:https://support.apple.com/ht211101

Trust: 1.7

url:https://support.apple.com/ht211102

Trust: 1.7

url:https://support.apple.com/ht211104

Trust: 1.7

url:https://support.apple.com/ht211105

Trust: 1.7

url:https://support.apple.com/ht211106

Trust: 1.7

url:https://support.apple.com/ht211107

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3887

Trust: 0.8

url:https://jvn.jp/vu/jvnvu96545608/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-3899

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-3900

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-3901

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-3902

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-3897

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-3894

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-3895

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-3885

Trust: 0.6

url:https://support.apple.com/en-us/ht211107

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-9783

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-3911

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-3910

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-3909

Trust: 0.5

url:https://support.apple.com/ht204283

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-3883

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-9773

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-9768

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-3914

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-3917

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-3919

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-9784

Trust: 0.1

url:https://www.apple.com/itunes/download/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-9785

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-9780

Trust: 0.1

url:https://www.apple.com/itunes/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-3890

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-3888

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-9770

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-9781

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-9777

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-3891

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-3913

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-9775

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-3916

Trust: 0.1

sources: VULHUB: VHN-182012 // JVNDB: JVNDB-2020-003669 // PACKETSTORM: 156947 // PACKETSTORM: 156904 // PACKETSTORM: 156906 // PACKETSTORM: 156946 // PACKETSTORM: 156896 // PACKETSTORM: 156892 // CNNVD: CNNVD-202003-1564 // NVD: CVE-2020-3887

CREDITS

Apple

Trust: 0.6

sources: PACKETSTORM: 156947 // PACKETSTORM: 156904 // PACKETSTORM: 156906 // PACKETSTORM: 156946 // PACKETSTORM: 156896 // PACKETSTORM: 156892

SOURCES

db:VULHUBid:VHN-182012
db:JVNDBid:JVNDB-2020-003669
db:PACKETSTORMid:156947
db:PACKETSTORMid:156904
db:PACKETSTORMid:156906
db:PACKETSTORMid:156946
db:PACKETSTORMid:156896
db:PACKETSTORMid:156892
db:CNNVDid:CNNVD-202003-1564
db:NVDid:CVE-2020-3887

LAST UPDATE DATE

2024-08-14T12:38:49.700000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-182012date:2020-04-03T00:00:00
db:JVNDBid:JVNDB-2020-003669date:2020-04-22T00:00:00
db:CNNVDid:CNNVD-202003-1564date:2021-10-29T00:00:00
db:NVDid:CVE-2020-3887date:2020-04-03T22:45:34.617

SOURCES RELEASE DATE

db:VULHUBid:VHN-182012date:2020-04-01T00:00:00
db:JVNDBid:JVNDB-2020-003669date:2020-04-22T00:00:00
db:PACKETSTORMid:156947date:2020-03-28T14:19:08
db:PACKETSTORMid:156904date:2020-03-25T14:34:53
db:PACKETSTORMid:156906date:2020-03-25T14:36:33
db:PACKETSTORMid:156946date:2020-03-28T14:18:46
db:PACKETSTORMid:156896date:2020-03-25T14:25:02
db:PACKETSTORMid:156892date:2020-03-25T14:20:32
db:CNNVDid:CNNVD-202003-1564date:2020-03-25T00:00:00
db:NVDid:CVE-2020-3887date:2020-04-01T18:15:15.880