Apple tvOS Font File memory corruption

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical has been found in Apple tvOS (Digital Media Player) (version unknown). Affected is an unknown part of the component Font File Handler. Upgrading eliminates this vulnerability.

Field04/03/2021 10:36 AM04/08/2021 03:07 PM
vendorAppleApple
nametvOStvOS
componentFont File HandlerFont File Handler
cwe119 (memory corruption)119 (memory corruption)
risk22
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiRR
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
nameUpgradeUpgrade
cveCVE-2020-29624CVE-2020-29624
date1617400800 (04/03/2021)1617400800 (04/03/2021)
typeDigital Media PlayerDigital Media Player
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_rcCC
cvss2_vuldb_rlOFOF
cvss2_vuldb_eNDND
cvss3_vuldb_eXX
cvss2_vuldb_basescore7.57.5
cvss2_vuldb_tempscore7.56.5
cvss3_vuldb_basescore6.36.3
cvss3_vuldb_tempscore6.36.0
cvss3_meta_basescore6.36.3
cvss3_meta_tempscore6.36.0
price_0day$5k-$25k$5k-$25k
cve_assigned1607382000
cve_nvd_summaryA memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted font file may lead to arbitrary code execution.

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!