APPLE-SA-2020-1-29-1 iCloud for Windows 7.17
APPLE-SA-2020-1-29-1 iCloud for Windows 7.17
- Subject: APPLE-SA-2020-1-29-1 iCloud for Windows 7.17
- From: Apple Product Security via Security-announce <email@hidden>
- Date: Wed, 29 Jan 2020 13:31:16 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2020-1-29-1 iCloud for Windows 7.17
iCloud for Windows 7.17 addresses the following:
ImageIO
Available for: Windows 7 and later
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-3826: Samuel Groß of Google Project Zero
libxml2
Available for: Windows 7 and later
Impact: Processing maliciously crafted XML may lead to an unexpected
application termination or arbitrary code execution
Description: A buffer overflow was addressed with improved size
validation.
CVE-2020-3846: Ranier Vilela
WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2020-3867: an anonymous researcher
WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2020-3825: Przemysław Sporysz of Euvic
CVE-2020-3868: Marcin Towalski of Cisco Talos
WebKit
Available for: Windows 7 and later
Impact: A malicious website may be able to cause a denial of service
Description: A denial of service issue was addressed with improved
memory handling.
CVE-2020-3862: Srikanth Gatta of Google Chrome
WebKit Page Loading
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2020-3865: Ryan Pickren (ryanpickren.com)
Installation note:
iCloud for Windows 7.17 may be obtained from:
https://support.apple.com/HT204283
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl4xy2AACgkQBz4uGe3y
0M3Oxw/8CJvsIVoh/3V6SRfu0HGNx0I4PX0UPfV2a90bEMjE6d/X1IRyswy5gbXz
jM7Cj71WAOMTb/LvgteHMo7GrAKK9oypP2SQvatuJKgzzu7G3viRwJGEOzsMisZv
mCJKvgJGnTSfoso8zt3F3x+EwjeOpVgcU4bJyQMBK9LS5uLBWIbkj+F7Z9x8knHv
i/upVc7LYaQotFjb6vM2nzuzo+MR+fv70c4HItXQFeh9lSuQcoHEwxlkHk8WfDPh
TZoQGC8vahYZf9LY1KyH8fIpBEqw1w6gIzLcIVknMjQ/+WtX23wHYWN9dwCikCwo
p/ariH4XwlVNe2DUK148ViEc3CkR0qrJs9063Jd+u3qS0UWVMyXUI9k8wb6lgsnw
/TQTXGTT5s1U6rSShLc2iLqYtGjmTTPAkZ2BsT80TKdE6hgP82a5ph6GM77FjNpD
MkWKhMsI9LyO0g682SG7EUxNbrGk2Wq3HR7LOBDYhAymcXKqlkWZXoKpSILktZEt
Pci8eHxe63JsCMvJiGZOszjQLu8f3VPgFG5PE4fxVv+k0M8C6w9viKTKNj3YVLY6
Spx0tK0e626tBmtP7LtsSxaxZ2W/aIZmFrABPAvLpKoM/LRWx7T6K8cqA4cWDxXj
75lcyho8pm5ekRwwrU4VJ/ZwsNJO16BjM9n2itI1Ol+mvDwU7jw=
=sZy+
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden