ID

VAR-202010-1237


CVE

CVE-2020-9916


TITLE

plural Apple In the product URL Unicode Encoding vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-009857

DESCRIPTION

A URL Unicode encoding issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker may be able to conceal the destination of a URL. Apple Safari, etc. are all products of Apple (Apple). Apple Safari is a web browser that is the default browser included with the Mac OS X and iOS operating systems. Apple iOS is an operating system developed for mobile devices. Apple tvOS is a smart TV operating system. WebKit Page Loading is one of the page loading components. A security vulnerability exists in the WebKit Page Loading component in several Apple products. The following products and versions are affected: Apple Safari prior to 13.1.2; iOS prior to 13.6; iPadOS prior to 13.6; tvOS prior to 13.4.8; watchOS prior to 6.2.8; Windows-based iTunes prior to 12.10.8. Alternatively, on your watch, select "My Watch > General > About". CVE-2020-9862: Ophir Lojkine (@lovasoa) Installation note: Safari 13.1.2 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-07-15-1 iOS 13.6 and iPadOS 13.6 iOS 13.6 and iPadOS 13.6 are now available and address the following: Audio Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9888: JunDong Xie and XingWei Li of Ant-financial Light-Year Security Lab CVE-2020-9890: JunDong Xie and XingWei Li of Ant-financial Light-Year Security Lab CVE-2020-9891: JunDong Xie and XingWei Li of Ant-financial Light-Year Security Lab Audio Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9889: JunDong Xie and XingWei Li of Ant-financial Light-Year Security Lab AVEVideoEncoder Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed by removing the vulnerable code. CVE-2020-9907: an anonymous researcher Bluetooth Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may cause an unexpected application termination Description: A denial of service issue was addressed with improved input validation. CVE-2020-9931: Dennis Heinze (@ttdennis) of TU Darmstadt, Secure Mobile Networking Lab CoreFoundation Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A local user may be able to view sensitive user information Description: An issue existed in the handling of environment variables. CVE-2020-9934: an anonymous researcher Crash Reporter Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to break out of its sandbox Description: A memory corruption issue was addressed by removing the vulnerable code. CVE-2020-9865: Zhuo Liang of Qihoo 360 Vulcan Team working with 360 BugCloud GeoServices Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to read sensitive location information Description: An authorization issue was addressed with improved state management. CVE-2020-9933: Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc. iAP Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: An input validation issue existed in Bluetooth. CVE-2020-9914: Andy Davis of NCC Group ImageIO Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2020-9936: Mickey Jin of Trend Micro Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2020-9923: Proteas Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An attacker in a privileged network position may be able to inject into active connections within a VPN tunnel Description: A routing issue was addressed with improved restrictions. CVE-2019-14899: William J. Tolley, Beau Kujath, and Jedidiah R. Crandall Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2020-9909: Brandon Azad of Google Project Zero Mail Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker can cause a limited out-of-bounds write, resulting in a denial of service Description: An input validation issue was addressed. CVE-2019-19906 Messages Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A user that is removed from an iMessage group could rejoin the group Description: An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. CVE-2020-9885: an anonymous researcher, Suryansh Mansharamani, of WWP High School North (medium.com/@suryanshmansha) Model I/O Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2020-9878: Holger Fuhrmannek of Deutsche Telekom Security Safari Login AutoFill Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious attacker may cause Safari to suggest a password for the wrong domain Description: A logic issue was addressed with improved restrictions. CVE-2020-9903: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com) Safari Reader Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy Description: A logic issue was addressed with improved restrictions. CVE-2020-9911: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com) WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9894: 0011 working with Trend Micro Zero Day Initiative WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced Description: An access issue existed in Content Security Policy. CVE-2020-9915: an anonymous researcher WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2020-9893: 0011 working with Trend Micro Zero Day Initiative CVE-2020-9895: Wen Xu of SSLab, Georgia Tech WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management. CVE-2020-9925: an anonymous researcher WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication Description: Multiple issues were addressed with improved logic. CVE-2020-9910: Samuel Groß of Google Project Zero WebKit Page Loading Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A malicious attacker may be able to conceal the destination of a URL Description: A URL Unicode encoding issue was addressed with improved state management. CVE-2020-9916: Rakesh Mane (@RakeshMane10) WebKit Web Inspector Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Copying a URL from Web Inspector may lead to command injection Description: A command injection issue existed in Web Inspector. CVE-2020-9862: Ophir Lojkine (@lovasoa) Wi-Fi Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-9918: Jianjun Dai of 360 Alpha Lab working with 360 BugCloud (bugcloud.360.cn) WiFi Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2020-9917: an anonymous researcher, Pradeep Deokate of Harman Additional recognition Bluetooth We would like to acknowledge Andy Davis of NCC Group for their assistance. Kernel We would like to acknowledge Brandon Azad of Google Project Zero for their assistance. USB Audio We would like to acknowledge Andy Davis of NCC Group for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 13.6 and iPadOS 13.6". -----BEGIN PGP SIGNATURE----- iQIyBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl8POhUACgkQBz4uGe3y 0M3VAA/3ciev1rSP1w547PW3gsdGviEqUD6d5cNWfVKyIywIwqhXD24bNn471XPe ufoLyxB/SlH9yKcHjuNYmeL+tu+4Gqx+YvaNTrKkBlh0DP7bB7y1vKVDbHjTsSbx ecrPfDI3ZHXXux9+1fYZ47ISnJDakqVEI3bAw7JFtwL4DmQYdyk+xaUVTXTXksoV YwXin1usgQUZp921ygUNzP5kMwwdmbwenMS+U5s270TlSFPLflB61iykZCEOt7n4 sQqpv1A1GQPigTAPZOevl/TyfUAzRxXhOjXoBw6GSHXmfrLdkT72cw+VuIxZ2rpG 5VGkORd8S0PNDPndLYUb3VxKa4GucbuFd/f4YY4xhJuyZj1ANidPmSn1QkviqCjz 47pvdvWIQpRAQZv4yhlCfcZPYYwkHOPLsmSYbUdfKZvMHx+GneJp4T6ofZ5E7pvQ W354Asbg8fSFbx0jbmQpI0jJIgwLy8ydMVf1HsqToM/mSwTRQBjONNGQweHIdfXQ Z1PJ4cmOTutRmGLgDHIikVkq8mIu+1EOWBkLAXoZrn7d9pbosHZG/5OT3rpXpQU2 FykbSj7EkVyEJ978rAaynixaiuNbaw39osKaP4H5LcFhzyM8tF3paiR0gXKhizTB w57KB0YW0QrWBupRIdAd+yH2jt6iNviLfkq7fUAzZ3hb1iikVw== =Tlxk -----END PGP SIGNATURE-----

Trust: 2.16

sources: NVD: CVE-2020-9916 // JVNDB: JVNDB-2020-009857 // VULHUB: VHN-188041 // VULMON: CVE-2020-9916 // PACKETSTORM: 158461 // PACKETSTORM: 158466 // PACKETSTORM: 158456 // PACKETSTORM: 158458

AFFECTED PRODUCTS

vendor:applemodel:icloudscope:ltversion:11.3

Trust: 1.0

vendor:applemodel:icloudscope:ltversion:7.20

Trust: 1.0

vendor:applemodel:itunesscope:ltversion:12.10.8

Trust: 1.0

vendor:applemodel:safariscope:ltversion:13.1.2

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:13.4.8

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:6.2.8

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:13.6

Trust: 1.0

vendor:applemodel:icloudscope:gteversion:11.0

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:13.6

Trust: 1.0

vendor:applemodel:safariscope:eqversion:13.1.2 未満 (macos high sierra)

Trust: 0.8

vendor:applemodel:icloudscope:eqversion:7.20 未満 (windows 7 以降)

Trust: 0.8

vendor:applemodel:iosscope:eqversion:13.6 未満 (iphone 6s 以降)

Trust: 0.8

vendor:applemodel:ipadosscope:eqversion:13.6 未満 (ipad mini 4 以降)

Trust: 0.8

vendor:applemodel:safariscope:eqversion:13.1.2 未満 (macos mojave)

Trust: 0.8

vendor:applemodel:icloudscope:eqversion:11.3 未満 (microsoft store から入手した windows 10 以降)

Trust: 0.8

vendor:applemodel:watchosscope:eqversion:6.2.8 未満 (apple watch series 1 以降)

Trust: 0.8

vendor:applemodel:iosscope:eqversion:13.6 未満 (ipod touch 第 7 世代)

Trust: 0.8

vendor:applemodel:tvosscope:eqversion:13.4.8 未満 (apple tv hd)

Trust: 0.8

vendor:applemodel:ipadosscope:eqversion:13.6 未満 (ipad air 2 以降)

Trust: 0.8

vendor:applemodel:tvosscope:eqversion:13.4.8 未満 (apple tv 4k)

Trust: 0.8

vendor:applemodel:itunesscope:eqversion:for windows 12.10.8 未満 (windows 7 以降)

Trust: 0.8

vendor:applemodel:safariscope:eqversion:13.1.2 未満 (macos catalina)

Trust: 0.8

sources: JVNDB: JVNDB-2020-009857 // NVD: CVE-2020-9916

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-9916
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-009857
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202007-1138
value: MEDIUM

Trust: 0.6

VULHUB: VHN-188041
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-9916
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-9916
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-009857
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-188041
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-9916
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-009857
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-188041 // VULMON: CVE-2020-9916 // JVNDB: JVNDB-2020-009857 // CNNVD: CNNVD-202007-1138 // NVD: CVE-2020-9916

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2020-9916

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202007-1138

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202007-1138

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-009857

PATCH

title:HT211292url:https://support.apple.com/en-us/HT211292

Trust: 0.8

title:HT211293url:https://support.apple.com/en-us/HT211293

Trust: 0.8

title:HT211294url:https://support.apple.com/en-us/HT211294

Trust: 0.8

title:HT211295url:https://support.apple.com/en-us/HT211295

Trust: 0.8

title:HT211288url:https://support.apple.com/en-us/HT211288

Trust: 0.8

title:HT211290url:https://support.apple.com/en-us/HT211290

Trust: 0.8

title:HT211291url:https://support.apple.com/en-us/HT211291

Trust: 0.8

title:HT211293url:https://support.apple.com/ja-jp/HT211293

Trust: 0.8

title:HT211294url:https://support.apple.com/ja-jp/HT211294

Trust: 0.8

title:HT211295url:https://support.apple.com/ja-jp/HT211295

Trust: 0.8

title:HT211288url:https://support.apple.com/ja-jp/HT211288

Trust: 0.8

title:HT211290url:https://support.apple.com/ja-jp/HT211290

Trust: 0.8

title:HT211291url:https://support.apple.com/ja-jp/HT211291

Trust: 0.8

title:HT211292url:https://support.apple.com/ja-jp/HT211292

Trust: 0.8

title:Multiple Apple product WebKit Page Loading Fixes for component security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=124593

Trust: 0.6

title:Apple: iCloud for Windows 7.20url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=50e6b35a047c9702f4cdebdf81483b05

Trust: 0.1

title:Apple: iCloud for Windows 11.3url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=947a08401ec7e5f309d5ae26f5006f48

Trust: 0.1

title:Apple: iOS 13.6 and iPadOS 13.6url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=a82d39d4c9a42fcf07757428b2f562b3

Trust: 0.1

sources: VULMON: CVE-2020-9916 // JVNDB: JVNDB-2020-009857 // CNNVD: CNNVD-202007-1138

EXTERNAL IDS

db:NVDid:CVE-2020-9916

Trust: 3.0

db:JVNid:JVNVU95491800

Trust: 0.8

db:JVNid:JVNVU94090210

Trust: 0.8

db:JVNDBid:JVNDB-2020-009857

Trust: 0.8

db:CNNVDid:CNNVD-202007-1138

Trust: 0.7

db:PACKETSTORMid:158466

Trust: 0.7

db:AUSCERTid:ESB-2020.2434

Trust: 0.6

db:CNVDid:CNVD-2020-51498

Trust: 0.1

db:VULHUBid:VHN-188041

Trust: 0.1

db:VULMONid:CVE-2020-9916

Trust: 0.1

db:PACKETSTORMid:158461

Trust: 0.1

db:PACKETSTORMid:158456

Trust: 0.1

db:PACKETSTORMid:158458

Trust: 0.1

sources: VULHUB: VHN-188041 // VULMON: CVE-2020-9916 // JVNDB: JVNDB-2020-009857 // PACKETSTORM: 158461 // PACKETSTORM: 158466 // PACKETSTORM: 158456 // PACKETSTORM: 158458 // CNNVD: CNNVD-202007-1138 // NVD: CVE-2020-9916

REFERENCES

url:https://support.apple.com/ht211288

Trust: 1.8

url:https://support.apple.com/ht211290

Trust: 1.8

url:https://support.apple.com/ht211291

Trust: 1.8

url:https://support.apple.com/ht211292

Trust: 1.8

url:https://support.apple.com/ht211293

Trust: 1.8

url:https://support.apple.com/ht211294

Trust: 1.8

url:https://support.apple.com/ht211295

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-9916

Trust: 1.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9916

Trust: 0.8

url:http://jvn.jp/vu/jvnvu94090210/index.html

Trust: 0.8

url:http://jvn.jp/vu/jvnvu95491800/index.html

Trust: 0.8

url:https://support.apple.com/en-us/ht211291

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.2434/

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-ios-multiple-vulnerabilities-32847

Trust: 0.6

url:https://support.apple.com/en-us/ht211295

Trust: 0.6

url:https://support.apple.com/kb/ht211294

Trust: 0.6

url:https://support.apple.com/kb/ht211293

Trust: 0.6

url:https://support.apple.com/kb/ht211292

Trust: 0.6

url:https://packetstormsecurity.com/files/158466/apple-security-advisory-2020-07-15-5.html

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-9915

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-9925

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-9894

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-9910

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-9895

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-9893

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-9862

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-9918

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-9889

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-9909

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-9933

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-9888

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-9891

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-9890

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-9865

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-9923

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-9885

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-9936

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-9911

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-9903

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-9914

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-14899

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-9907

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/185389

Trust: 0.1

url:https://support.apple.com/kb/ht204641

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-9912

Trust: 0.1

url:https://www.apple.com/itunes/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-9878

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19906

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-9931

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-9917

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-9934

Trust: 0.1

sources: VULHUB: VHN-188041 // VULMON: CVE-2020-9916 // JVNDB: JVNDB-2020-009857 // PACKETSTORM: 158461 // PACKETSTORM: 158466 // PACKETSTORM: 158456 // PACKETSTORM: 158458 // CNNVD: CNNVD-202007-1138 // NVD: CVE-2020-9916

CREDITS

Rakesh Mane (@RakeshMane10)

Trust: 0.6

sources: CNNVD: CNNVD-202007-1138

SOURCES

db:VULHUBid:VHN-188041
db:VULMONid:CVE-2020-9916
db:JVNDBid:JVNDB-2020-009857
db:PACKETSTORMid:158461
db:PACKETSTORMid:158466
db:PACKETSTORMid:158456
db:PACKETSTORMid:158458
db:CNNVDid:CNNVD-202007-1138
db:NVDid:CVE-2020-9916

LAST UPDATE DATE

2024-08-14T12:28:39.018000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-188041date:2023-01-09T00:00:00
db:VULMONid:CVE-2020-9916date:2020-10-20T00:00:00
db:JVNDBid:JVNDB-2020-009857date:2020-12-10T08:05:02
db:CNNVDid:CNNVD-202007-1138date:2023-01-10T00:00:00
db:NVDid:CVE-2020-9916date:2023-01-09T16:41:59.350

SOURCES RELEASE DATE

db:VULHUBid:VHN-188041date:2020-10-16T00:00:00
db:VULMONid:CVE-2020-9916date:2020-10-16T00:00:00
db:JVNDBid:JVNDB-2020-009857date:2020-12-10T08:05:02
db:PACKETSTORMid:158461date:2020-07-17T19:28:19
db:PACKETSTORMid:158466date:2020-07-17T19:35:50
db:PACKETSTORMid:158456date:2020-07-17T19:23:30
db:PACKETSTORMid:158458date:2020-07-17T19:24:07
db:CNNVDid:CNNVD-202007-1138date:2020-07-15T00:00:00
db:NVDid:CVE-2020-9916date:2020-10-16T17:15:17.137