Apple Quick Look 跨站脚本漏洞
| CNNVD-ID编号 | CNNVD-202011-1378 | CVE编号 | CVE-2020-10012 |
| 发布时间 | 2020-11-13 | 更新时间 | 2020-12-24 |
| 漏洞类型 | 跨站脚本 | 漏洞来源 | N/A |
| 危险等级 | 中危 | 威胁类型 | 远程 |
| 厂商 | N/A | ||
漏洞介绍
Apple Mac Pro等都是美国苹果(Apple)公司的产品。Apple Mac Pro是一款电脑。Apple MacBook Air是一款笔记本电脑。Apple MacBook Pro是一款笔记本电脑。
Apple Quick Look 存在跨站脚本漏洞,该漏洞允许处理恶意制作的文档可能会导致跨站点脚本攻击。以下产品及版本受到影响:Mac Pro (2013 and later), MacBook Air (2013 and later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later), iMac (2014 and later), MacBook (2015 and later), iMac Pro (all models)。
漏洞补丁
目前厂商已发布升级了Apple Quick Look 跨站脚本漏洞的补丁,Apple Quick Look 跨站脚本漏洞的补丁获取链接:
https://support.apple.com/en-us/HT211931
参考网址
来源:MISC
链接:https://support.apple.com/en-us/HT211931
来源:FULLDISC
链接:http://seclists.org/fulldisclosure/2020/Dec/26
来源:CONFIRM
链接:https://support.apple.com/kb/HT212011
来源:FULLDISC
链接:http://seclists.org/fulldisclosure/2020/Dec/32
来源:vigilance.fr
链接:https://vigilance.fr/vulnerability/Apple-macOS-11-multiple-vulnerabilities-33899
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/160538/Apple-Security-Advisory-2020-12-14-3.html
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4060/
来源:www.auscert.org.au
链接:https://www.auscert.org.au/bulletins/ESB-2020.4060.2/
受影响实体
暂无
信息来源
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202011-1378
评论