===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.1045
                   Safari 13.1 security update for macOS
                               25 March 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Safari
Publisher:         Apple
Operating System:  Mac OS
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Cross-site Scripting            -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Unauthorised Access             -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-9784 CVE-2020-9783 CVE-2020-3902
                   CVE-2020-3901 CVE-2020-3900 CVE-2020-3899
                   CVE-2020-3897 CVE-2020-3895 CVE-2020-3894
                   CVE-2020-3887 CVE-2020-3885 

Reference:         ESB-2020.1041
                   ESB-2020.1042

Original Bulletin: 
   https://support.apple.com/en-au/HT210922

--------------------------BEGIN INCLUDED TEXT--------------------

APPLE-SA-2020-03-24-5 Safari 13.1

Safari 13.1 is now available and addresses the following:

Safari Downloads
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A malicious iframe may use another website's download
settings
Description: A logic issue was addressed with improved restrictions.
CVE-2020-9784: Ruilin Yang of Tencent Security Xuanwu Lab, Ryan
Pickren (ryanpickren.com)

WebKit
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2020-3901: Benjamin Randazzo (@____benjamin)

WebKit
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A download's origin may be incorrectly associated
Description: A logic issue was addressed with improved restrictions.
CVE-2020-3887: Ryan Pickren (ryanpickren.com)

WebKit
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2020-3895: grigoritchy
CVE-2020-3900: Dongzhuo Zhao working with ADLab of Venustech

WebKit
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: An application may be able to read restricted memory
Description: A race condition was addressed with additional
validation.
CVE-2020-3894: Sergei Glazunov of Google Project Zero

WebKit
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-9783: Apple

WebKit
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2020-3897: Brendan Draper (@6r3nd4n) working with Trend Micro's
Zero Day Initiative

WebKit
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2020-3899: found by OSS-Fuzz

WebKit
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: Processing maliciously crafted web content may lead to a
cross site scripting attack
Description: An input validation issue was addressed with improved
input validation.
CVE-2020-3902: Yigit Can YILMAZ (@yilmazcanyigit)

WebKit Page Loading
Available for: macOS Mojave and macOS High Sierra, and included in
macOS Catalina
Impact: A file URL may be incorrectly processed
Description: A logic issue was addressed with improved restrictions.
CVE-2020-3885: Ryan Pickren (ryanpickren.com)

Additional recognition

Safari
We would like to acknowledge Dlive of Tencent Security Xuanwu Lab,
Jacek Kolodziej of Procter & Gamble, and Justin Taft of One Up
Security, LLC for their assistance.

Safari Extensions
We would like to acknowledge Jeff Johnson of underpassapp.com for
their assistance.

Safari Reader
We would like to acknowledge Nikhil Mittal (@c0d3G33k) of Payatu Labs
(payatu.com) for their assistance.

WebKit
We would like to acknowledge Emilio Cobos Álvarez of Mozilla, Samuel
Gross of Google Project Zero, and an anonymous researcher for their
assistance.

Installation note:

Safari 13.1 may be obtained from the Mac App Store.

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================