Apple Security Advisory 2020-09-16-3

Apple Security Advisory 2020-09-16-3: Posted Sep 18, 2020; Authored by Apple | Site apple.com; Apple Security Advisory 2020-09-16-3 - Safari 14.0 is now available and addresses code execution, cross site scripting, out of bounds write, and use-after-free vulnerabilities.; tags | advisory, vulnerability, code execution, xss; systems | apple; advisories | CVE-2020-9948, CVE-2020-9951, CVE-2020-9952, CVE-2020-9983; SHA-256 | cae12a9373b83d218a96163e66f5f4bf1ba87f98cae36acd07e759d548a83cdb; Download | Favorite | View

Apple Security Advisory 2020-09-16-3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2020-09-16-3 Safari 14.0

Safari 14.0 is now available and addresses the following:

WebKit
Available for: macOS Catalina and macOS Mojave, and included in macOS
Big Sur
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2020-9948: Brendan Draper (@6r3nd4n) working with Trend Micro
Zero Day Initiative

WebKit
Available for: macOS Catalina and macOS Mojave, and included in macOS
Big Sur
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-9951: Marcin 'Icewall' Noga of Cisco Talos

WebKit
Available for: macOS Catalina and macOS Mojave, and included in macOS
Big Sur
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: An input validation issue was addressed with improved
input validation.
CVE-2020-9952: Ryan Pickren (ryanpickren.com)

WebKit
Available for: macOS Catalina and macOS Mojave, and included in macOS
Big Sur
Impact: Processing maliciously crafted web content may lead to code
execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9983: zhunki

Installation note:

Safari 14.0 may be obtained from the Mac App Store.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAl9igrIACgkQZcsbuWJ6
jjCpCg/9HrN7CFbJ5xDXcHJdB/nQi4DeMR7Ub39sDRg7fjhUN9hVpAfYe8wqfS/6
CCnegVb/vz2OEo0gFQdp9xvKeVKzzepxjf2KCUNmEaKilY+ERWp5E6Y210GEHwYz
ihwTtLPk76hTupqquxq21IvofUgT0fpUmiLkL5vRucYe5qh963bKM4EJ6wwcJ2SM
b3IkGsiG4L4aOIaQWZ0lpfiDF2RvHwmi4zRdMLGw18mjmufdjmj0UrxoUYjZreu7
AAXYYwo6xozYZ/dSV3a/7QBZZ76kn3g0n3fMrymyKF2p+M3Arj78zX+N0ZsdSR0Y
rIALxZrJR9JEeng+D3V+e+KrFTRAPTPXS5tdnHwrO0IK3LQx3gcmInH3vDLpTDtw
uCr8EFpl54ukYmrvOHIEo+touCl37sneB7J6oC9SWDRB3HyrgCq31r8mDrNOnKbg
RPkdqhW5NYZ14DsBRszutTZcuXZ+V4jVbWIzmI2FADrnc61oQPNhM0gOM/wKdIMs
0BsOufl6NIqIyR613mrkso0fKh7kO5k3Mxrlkbns8/r1ZayjJy8EpWoYkagZzwlH
hFY+JSZDwF35KMa4rxHW67HAuJrQWcNn3NjtGkWg50GqWMPCueiefzOp7jDha1VY
ZxiH8LYs6ptMIkwG6FBUjLO22wu2oXuuiiAjyUCgoWUgQTj8UoQ=Z6cg
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Apple Security Advisory 2020-09-16-3

Apple Security Advisory 2020-09-16-3

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Apple Security Advisory 2020-09-16-3

Share This

Apple Security Advisory 2020-09-16-3

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems