CVE-2020-3846: CVE-2020-3846

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-3846

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted XML may lead to an unexpected application termination or arbitrary code execution.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

多款Apple产品libxml2组件安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Apple iTunes for Windows等都是美国苹果（Apple）公司的产品。Apple iTunes for Windows是一款基于Windows平台的媒体播放器应用程序。Apple watchOS是一套智能手表操作系统。Apple macOS Catalina是一套专为Mac计算机所开发的专用操作系统。libxml2是其中的一个基于C语言的用来解析XML文档的函数库组件。多款Apple产品中的libxml2组件存在安全漏洞。攻击者可借助恶意制作的XML利用该漏洞终止应用程序或执行任意代码

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Apple	iOS	unspecified ~ iOS 13.3.1 and iPadOS 13.3.1	-
Apple	macOS	unspecified ~ macOS Catalina 10.15.3	-
Apple	tvOS	unspecified ~ tvOS 13.3.1	-
Apple	watchOS	unspecified ~ watchOS 6.1.2	-
Apple	iTunes for Windows	unspecified ~ iTunes for Windows 12.10.4	-
Apple	iCloud for Windows	unspecified ~ iCloud for Windows 11.0	-
Apple	iCloud for Windows (Legacy)	unspecified ~ iCloud for Windows 7.17	-

II. Public POCs for CVE-2020-3846

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-3846

Please Login to view more intelligence information

https://support.apple.com/HT210948x_refsource_MISC
https://support.apple.com/HT210947x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2020-3846

New Vulnerabilities

Product: iOS

Vendor: Apple

V. Comments for CVE-2020-3846

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2020-3846

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-3846

III. Intelligence Information for CVE-2020-3846

New Vulnerabilities

V. Comments for CVE-2020-3846

Leave a comment