CVE-2020-9947

Sažetak

A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Safari 14.0. Processing maliciously crafted web content may lead to arbitrary code execution.

Reference

https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211845
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211952
http://www.openwall.com/lists/oss-security/2021/03/22/1
https://security.gentoo.org/glsa/202104-03

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

02-06-2022 - 18:56

Objavljeno

08-12-2020 - 20:15