Showing 1 - 12 of 12

CVE-2020-3878

Status Candidate

Overview

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution.

Related Files

Apple Security Advisory 2020-05-26-4: Posted May 29, 2020; Authored by Apple | Site apple.com; Apple Security Advisory 2020-05-26-4 - tvOS 13.4.5 addresses code execution, cross site scripting, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution, xss; systems | apple; advisories | CVE-2019-20044, CVE-2019-20503, CVE-2020-3878, CVE-2020-9789, CVE-2020-9790, CVE-2020-9791, CVE-2020-9793, CVE-2020-9794, CVE-2020-9795, CVE-2020-9797, CVE-2020-9800, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9808, CVE-2020-9809, CVE-2020-9811, CVE-2020-9812, CVE-2020-9813, CVE-2020-9814, CVE-2020-9815, CVE-2020-9816, CVE-2020-9821, CVE-2020-9827, CVE-2020-9829, CVE-2020-9837; SHA-256 | 56756c475b2db5ca4e461c12f83e7a9e603128c2351ec2fd18890f6185253754; Download | Favorite | View

Apple Security Advisory 2020-05-26-10: Posted May 29, 2020; Authored by Apple | Site apple.com; Apple Security Advisory 2020-05-26-10 - iCloud for Windows 7.19 is now available and addresses code execution, cross site scripting, denial of service, out of bounds read, and out of bounds write vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution, xss; systems | windows, apple; advisories | CVE-2020-3878, CVE-2020-9789, CVE-2020-9790, CVE-2020-9794, CVE-2020-9800, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850; SHA-256 | 62db8b0b76c4b9282432d70396fd37bb8568c629f4d9e8835ed1b611ab0d95bb; Download | Favorite | View

Apple Security Advisory 2020-05-26-9: Posted May 29, 2020; Authored by Apple | Site apple.com; Apple Security Advisory 2020-05-26-9 - iCloud for Windows 11.2 is now available and addresses code execution, cross site scripting, denial of service, out of bounds read, and out of bounds write vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution, xss; systems | windows, apple; advisories | CVE-2020-3878, CVE-2020-9789, CVE-2020-9790, CVE-2020-9794, CVE-2020-9800, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850; SHA-256 | 100cbea4dc7f344692f604cbe8dfab29c51a9e753f7d0e6e5204c16baf6f0880; Download | Favorite | View

Apple Security Advisory 2020-05-26-5: Posted May 29, 2020; Authored by Apple | Site apple.com; Apple Security Advisory 2020-05-26-5 - watchOS 6.2.5 addresses code execution, cross site scripting, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution, xss; systems | apple; advisories | CVE-2019-20044, CVE-2019-20503, CVE-2020-3878, CVE-2020-9789, CVE-2020-9790, CVE-2020-9791, CVE-2020-9793, CVE-2020-9794, CVE-2020-9795, CVE-2020-9797, CVE-2020-9800, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9808, CVE-2020-9809, CVE-2020-9811, CVE-2020-9812, CVE-2020-9813, CVE-2020-9814, CVE-2020-9815, CVE-2020-9816, CVE-2020-9818, CVE-2020-9819, CVE-2020-9821, CVE-2020-9827; SHA-256 | 2a3498bed642fb25a35b285cbccdfdfb4b489e582424bec1bb96cb1b19041e61; Download | Favorite | View

Apple Security Advisory 2020-05-26-8: Posted May 29, 2020; Authored by Apple | Site apple.com; Apple Security Advisory 2020-05-26-8 - iTunes 12.10.7 for Windows addresses code execution, cross site scripting, denial of service, out of bounds read, and out of bounds write vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution, xss; systems | windows, apple; advisories | CVE-2020-3878, CVE-2020-9789, CVE-2020-9790, CVE-2020-9794, CVE-2020-9800, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850; SHA-256 | b54c3b2604ae9bd59edb7cbd324ad1bc43d253eca37d86dbc127855a7ba085f2; Download | Favorite | View

Apple Security Advisory 2020-05-26-3: Posted May 29, 2020; Authored by Apple | Site apple.com; Apple Security Advisory 2020-05-26-3 - macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra are now available and address bypass, code execution, denial of service, double free, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution; systems | apple; advisories | CVE-2019-14868, CVE-2019-20044, CVE-2020-3878, CVE-2020-3882, CVE-2020-9788, CVE-2020-9789, CVE-2020-9790, CVE-2020-9791, CVE-2020-9792, CVE-2020-9793, CVE-2020-9794, CVE-2020-9795, CVE-2020-9797, CVE-2020-9804, CVE-2020-9808, CVE-2020-9809, CVE-2020-9811, CVE-2020-9812, CVE-2020-9813, CVE-2020-9814, CVE-2020-9815, CVE-2020-9816, CVE-2020-9817, CVE-2020-9821, CVE-2020-9822, CVE-2020-9824, CVE-2020-9825, CVE-2020-9826; SHA-256 | e548dbe3bc45349923003f3bd1e0ad372863e5efd1c4433b30594bf80a645be4; Download | Favorite | View

Apple Security Advisory 2020-05-26-1: Posted May 29, 2020; Authored by Apple | Site apple.com; Apple Security Advisory 2020-05-26-1 - iOS 13.5 and iPadOS 13.5 address bypass, code execution, cross site scripting, denial of service, double free, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.; tags | advisory, denial of service, overflow, vulnerability, code execution, xss; systems | apple, ios; advisories | CVE-2019-20044, CVE-2019-20503, CVE-2020-3878, CVE-2020-6616, CVE-2020-9789, CVE-2020-9790, CVE-2020-9791, CVE-2020-9792, CVE-2020-9793, CVE-2020-9794, CVE-2020-9795, CVE-2020-9797, CVE-2020-9800, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9808, CVE-2020-9809, CVE-2020-9811, CVE-2020-9812, CVE-2020-9813, CVE-2020-9814, CVE-2020-9815, CVE-2020-9816, CVE-2020-9818, CVE-2020-9819; SHA-256 | c0c5b060812bd316b274c589d529f7340c15548e77bf81b29d18618cd79bfb74; Download | Favorite | View

macOS/iOS ImageIO PVR Processing Out-Of-Bounds Read: Posted Feb 7, 2020; Authored by saelo, Google Security Research; macOS and iOS suffer from an ImageIO out-of-bounds read when processing PVR images.; tags | exploit; systems | ios; advisories | CVE-2020-3878; SHA-256 | f6b6615ff3c10615db4544403efd534d79c5bca32c67cc20611c861580487992; Download | Favorite | View

macOS/iOS ImageIO PVR Image Processing Heap Corruption: Posted Feb 7, 2020; Authored by saelo, Google Security Research; macOS and iOS have an ImageIO heap corruption issue when processing malformed PVR images.; tags | exploit; systems | ios; advisories | CVE-2020-3878; SHA-256 | 546388d4bf46530e3c77204e301afd8ecd6eddfbb73e6073087f364fa8d6d25b; Download | Favorite | View