Home

CVE-2020-9999

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iTunes for Windows 12.10.9. Processing a maliciously crafted text file may lead to arbitrary code execution.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.688

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities fixed in Apple iTunes (X64) (12.10.9.3)Windows
Multiple vulnerabilities fixed in Apple iTunes (12.10.9.3)Windows
Multiple vulnerabilities fixed in iCloud 11.5Windows
Multiple Vulnerabilities are affected in Apple iTunes (X64) 12.9.6Windows
Multiple Vulnerabilities are affected in Apple iTunes 12.9.6Windows
Multiple Vulnerabilities are affected in Apple iTunes (X64) 12.10.8Windows
Multiple Vulnerabilities are affected in Apple iTunes 12.10.8Windows
Vulnerabilities CVE-2020-9849,CVE-2020-9876,CVE-2020-9961,CVE-2020-9999 are affected in Apple iTunes For Mac 12.10.8Mac
Multiple Vulnerabilities are affected in Apple iTunes For Mac 12.10.8Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-316017Apple iTunes (X64) (12.10.9.3)
PATCH-316016Apple iTunes (12.10.9.3)
PATCH-316162iCloud (7.21.0.23) (Deployment-Only)
PATCH-310919Apple iTunes (X64) (12.10.0.7)
PATCH-310917Apple iTunes (12.10.0.7)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234