Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-9803

Опубликовано: 10 июл. 2020
Источник: redhat
CVSS3: 8.8
EPSS Низкий

Описание

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

A flaw was found in webkitgtk in versions prior to 2.28.3 and in WPE WebKit in versions prior to 2.28.3. A memory corruption issue could allow processing maliciously crafted web content leading to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6webkitgtkOut of support scope
Red Hat Enterprise Linux 7webkitgtk3Will not fix
Red Hat Enterprise Linux 7webkitgtk4Will not fix
Red Hat Enterprise Linux 8webkit2gtk3FixedRHSA-2020:445104.11.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-20->CWE-119
https://bugzilla.redhat.com/show_bug.cgi?id=1879557webkitgtk: Memory corruption may lead to arbitrary code execution

EPSS

Процентиль: 59%
0.00393
Низкий

8.8 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-9803

CVSS3: 8.8
ubuntu
около 5 лет назад

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

nvd логотип

CVE-2020-9803

CVSS3: 8.8
nvd
около 5 лет назад

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

debian логотип

CVE-2020-9803

CVSS3: 8.8
debian
около 5 лет назад

A memory corruption issue was addressed with improved validation. This ...

github логотип

GHSA-7367-6vqq-q8g3

github
около 3 лет назад

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

fstec логотип

BDU:2021-03026

CVSS3: 8.8
fstec
около 5 лет назад

Уязвимость модуля отображения веб-страниц WebKit операционных систем Mac OS, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 59%
0.00393
Низкий

8.8 High

CVSS3