Sign-up

ID

VAR-202012-1510


CVE

CVE-2020-9999


TITLE

plural  Apple  Memory corruption vulnerability in the product

Trust: 0.8

sources: JVNDB: JVNDB-2020-014249

DESCRIPTION

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iTunes for Windows 12.10.9. Processing a maliciously crafted text file may lead to arbitrary code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the CoreText library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.The specific flaw exists within the parsing of TTF fonts. Crafted data in a TTF file can trigger a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Apple macOS is a set of dedicated operating systems developed by Apple Corporation for Mac computers. The following products and versions are affected: Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)

Trust: 2.34

sources: NVD: CVE-2020-9999 // JVNDB: JVNDB-2020-014249 // ZDI: ZDI-20-1406 // VULHUB: VHN-188124

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:ltversion:11.0.1

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:14.0

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:14.0

Trust: 1.0

vendor:applemodel:itunesscope:ltversion:12.10.9

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:7.0

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:14.0

Trust: 1.0

vendor:applemodel:icloudscope:ltversion:11.5.0

Trust: 1.0

vendor:アップルmodel:apple mac os xscope: - version: -

Trust: 0.8

vendor:アップルmodel:tvosscope: - version: -

Trust: 0.8

vendor:アップルmodel:itunesscope: - version: -

Trust: 0.8

vendor:アップルmodel:watchosscope:eqversion:7.0

Trust: 0.8

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:アップルmodel:icloudscope: - version: -

Trust: 0.8

vendor:アップルmodel:watchosscope:ltversion:(apple watch series 3 or later )

Trust: 0.8

vendor:アップルmodel:ipadosscope: - version: -

Trust: 0.8

vendor:applemodel:macosscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-20-1406 // JVNDB: JVNDB-2020-014249 // NVD: CVE-2020-9999

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-9999
value: HIGH

Trust: 1.0

NVD: CVE-2020-9999
value: HIGH

Trust: 0.8

ZDI: CVE-2020-9999
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202011-1339
value: HIGH

Trust: 0.6

VULHUB: VHN-188124
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-9999
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-188124
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-9999
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2020-9999
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-9999
baseSeverity: HIGH
baseScore: 7.8
vectorString: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-1406 // VULHUB: VHN-188124 // JVNDB: JVNDB-2020-014249 // CNNVD: CNNVD-202011-1339 // NVD: CVE-2020-9999

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:Out-of-bounds writing (CWE-787) [NVD Evaluation ]

Trust: 0.8

problemtype:CWE-119

Trust: 0.1

sources: VULHUB: VHN-188124 // JVNDB: JVNDB-2020-014249 // NVD: CVE-2020-9999

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202011-1339

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202011-1339

PATCH

title:HT211935 Apple  Security updateurl:https://support.apple.com/en-us/HT211843

Trust: 0.8

title:Multiple Apple Product Buffer Error Vulnerability Fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=136409

Trust: 0.6

sources: JVNDB: JVNDB-2020-014249 // CNNVD: CNNVD-202011-1339

EXTERNAL IDS

db:NVDid:CVE-2020-9999

Trust: 3.3

db:JVNid:JVNVU92546061

Trust: 0.8

db:JVNid:JVNVU99462952

Trust: 0.8

db:JVNid:JVNVU92370378

Trust: 0.8

db:JVNDBid:JVNDB-2020-014249

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-11828

Trust: 0.7

db:ZDIid:ZDI-20-1406

Trust: 0.7

db:AUSCERTid:ESB-2020.4060

Trust: 0.6

db:AUSCERTid:ESB-2020.4060.2

Trust: 0.6

db:CNNVDid:CNNVD-202011-1339

Trust: 0.6

db:VULHUBid:VHN-188124

Trust: 0.1

db:VULMONid:CVE-2020-9999

Trust: 0.1

sources: ZDI: ZDI-20-1406 // VULHUB: VHN-188124 // VULMON: CVE-2020-9999 // JVNDB: JVNDB-2020-014249 // CNNVD: CNNVD-202011-1339 // NVD: CVE-2020-9999

REFERENCES

url:https://support.apple.com/kb/ht211843

Trust: 1.7

url:https://support.apple.com/kb/ht211844

Trust: 1.7

url:https://support.apple.com/kb/ht211850

Trust: 1.7

url:https://support.apple.com/kb/ht211935

Trust: 1.7

url:http://seclists.org/fulldisclosure/2020/dec/32

Trust: 1.7

url:https://support.apple.com/en-us/ht211931

Trust: 1.7

url:https://support.apple.com/en-us/ht211952

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-9999

Trust: 1.4

url:https://jvn.jp/vu/jvnvu92546061/

Trust: 0.8

url:https://jvn.jp/vu/jvnvu92370378/

Trust: 0.8

url:http://jvn.jp/vu/jvnvu99462952/index.html

Trust: 0.8

url:https://support.apple.com/en-us/ht211935

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-macos-11-multiple-vulnerabilities-33899

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4060/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4060.2/

Trust: 0.6

url:https://support.apple.com/en-us/ht211844

Trust: 0.6

sources: VULHUB: VHN-188124 // JVNDB: JVNDB-2020-014249 // CNNVD: CNNVD-202011-1339 // NVD: CVE-2020-9999

CREDITS

Mickey Jin & Junzhi Lu of Trend Micro Mobile Security Research Team

Trust: 0.7

sources: ZDI: ZDI-20-1406

SOURCES

db:ZDIid:ZDI-20-1406
db:VULHUBid:VHN-188124
db:VULMONid:CVE-2020-9999
db:JVNDBid:JVNDB-2020-014249
db:CNNVDid:CNNVD-202011-1339
db:NVDid:CVE-2020-9999

LAST UPDATE DATE

2024-11-23T20:54:09.721000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-20-1406date:2020-12-08T00:00:00
db:VULHUBid:VHN-188124date:2021-07-21T00:00:00
db:VULMONid:CVE-2020-9999date:2021-03-11T00:00:00
db:JVNDBid:JVNDB-2020-014249date:2021-08-12T08:50:00
db:CNNVDid:CNNVD-202011-1339date:2021-11-03T00:00:00
db:NVDid:CVE-2020-9999date:2024-11-21T05:41:40.180

SOURCES RELEASE DATE

db:ZDIid:ZDI-20-1406date:2020-12-08T00:00:00
db:VULHUBid:VHN-188124date:2020-12-08T00:00:00
db:VULMONid:CVE-2020-9999date:2020-12-08T00:00:00
db:JVNDBid:JVNDB-2020-014249date:2021-08-12T00:00:00
db:CNNVDid:CNNVD-202011-1339date:2020-11-13T00:00:00
db:NVDid:CVE-2020-9999date:2020-12-08T20:15:18.357