Home

CVE-2020-9883

Description

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.06

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities fixed in Apple iTunes (X64) (12.10.8.5)Windows
Multiple vulnerabilities fixed in Apple iTunes (12.10.8.5)Windows
Multiple vulnerabilities fixed in iCloud 11.3Windows
Multiple vulnerabilities fixed in iCloud (7.20.0.17)Windows
Multiple Vulnerabilities are affected in Apple iTunes (X64) 12.9.6Windows
Multiple Vulnerabilities are affected in Apple iTunes 12.9.6Windows
Multiple Vulnerabilities are affected in Apple iTunes (X64) 12.10.7Windows
Multiple Vulnerabilities are affected in Apple iTunes 12.10.7Windows
Multiple vulnerabilities are fixed in MacOS Catalina 10.15.6Mac
Multiple vulnerabilities are fixed in macOS Catalina 10.15.6 Combo UpdateMac
Multiple Vulnerabilities are affected in Apple iTunes For Mac 12.10.5Mac
Multiple Vulnerabilities are affected in Apple iTunes For Mac 12.10.7Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-315306Apple iTunes (X64) (12.10.8.5)
PATCH-315305Apple iTunes (12.10.8.5)
PATCH-316162iCloud (7.21.0.23) (Deployment-Only)
PATCH-315452iCloud (7.20.0.17)
PATCH-310919Apple iTunes (X64) (12.10.0.7)
PATCH-310917Apple iTunes (12.10.0.7)
PATCH-602673MacOS Catalina 10.15.7 - Auto Reboot
PATCH-602674macOS Catalina 10.15.7 Combo Update - Auto Reboot

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234