Home > Operation and Maintenance > Safety > What code execution vulnerabilities does Apple fix in iOS and iPadOS?

What code execution vulnerabilities does Apple fix in iOS and iPadOS?

王林
Release: 2023-05-19 16:26:22
forward
837 people have browsed it

Apple this week fixed multiple critical code execution vulnerabilities affecting its iOS and iPadOS mobile operating systems.

The IT giant released iOS 14.3 and iPadOS 14.3, which fixed 11 security vulnerabilities, including code execution vulnerabilities.

The most serious vulnerabilities in malicious font files can be exploited by attackers to execute malicious code on Apple iPhones and iPads. It is this manufacturer that has patched two font parsing vulnerabilities, CVE-2020-27943 and CVE-2020-27944.

Apple stated in the security advisory that these two vulnerabilities exist in the FontParser component and that there is memory corruption in the function of processing font files. The vulnerabilities have been fixed by optimizing input validation.

This time, Apple also fixed two memory corruption vulnerabilities. These two vulnerabilities exist in the input validation method of certain font files and can be used by attackers to execute arbitrary code.

The company has fixed three additional security vulnerabilities (CVE-2020-29617, CVE-2020-29618, CVE-2020-29619) affecting the ImageIO programming interface framework, which attackers can exploit with the help of specially constructed images. These vulnerabilities execute arbitrary code.

The company also fixed an out-of-bounds write vulnerability that could have been exploited by an attacker to execute arbitrary code via a maliciously crafted audio file.

Finally, Apple has resolved a logic flaw in the App Store that could have caused installations of enterprise apps to display domain errors.

The above is the detailed content of What code execution vulnerabilities does Apple fix in iOS and iPadOS?. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:yisu.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template