search
HomeOperation and MaintenanceSafetyWhat code execution vulnerabilities does Apple fix in iOS and iPadOS?

Apple this week fixed multiple critical code execution vulnerabilities affecting its iOS and iPadOS mobile operating systems.

The IT giant released iOS 14.3 and iPadOS 14.3, which fixed 11 security vulnerabilities, including code execution vulnerabilities.

The most serious vulnerabilities in malicious font files can be exploited by attackers to execute malicious code on Apple iPhones and iPads. It is this manufacturer that has patched two font parsing vulnerabilities, CVE-2020-27943 and CVE-2020-27944.

Apple stated in the security advisory that these two vulnerabilities exist in the FontParser component and that there is memory corruption in the function of processing font files. The vulnerabilities have been fixed by optimizing input validation.

This time, Apple also fixed two memory corruption vulnerabilities. These two vulnerabilities exist in the input validation method of certain font files and can be used by attackers to execute arbitrary code.

The company has fixed three additional security vulnerabilities (CVE-2020-29617, CVE-2020-29618, CVE-2020-29619) affecting the ImageIO programming interface framework, which attackers can exploit with the help of specially constructed images. These vulnerabilities execute arbitrary code.

The company also fixed an out-of-bounds write vulnerability that could have been exploited by an attacker to execute arbitrary code via a maliciously crafted audio file.

Finally, Apple has resolved a logic flaw in the App Store that could have caused installations of enterprise apps to display domain errors.

The above is the detailed content of What code execution vulnerabilities does Apple fix in iOS and iPadOS?. For more information, please follow other related articles on the PHP Chinese website!

Statement
This article is reproduced at:亿速云. If there is any infringement, please contact admin@php.cn delete

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

Video Face Swap

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Tools

mPDF

mPDF

mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),

SublimeText3 Linux new version

SublimeText3 Linux new version

SublimeText3 Linux latest version

VSCode Windows 64-bit Download

VSCode Windows 64-bit Download

A free and powerful IDE editor launched by Microsoft

SAP NetWeaver Server Adapter for Eclipse

SAP NetWeaver Server Adapter for Eclipse

Integrate Eclipse with SAP NetWeaver application server.

Safe Exam Browser

Safe Exam Browser

Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.