Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Apple iTunes
Опубликовано:19 августа 2010 г.
Источник:
SecurityVulns ID:11086
Тип:клиент
Уровень опасности:
8/10
Описание:Многочисленные повреждения памяти при разборе различных форматов, повышения привилегий, выполнение кода через сетевые папки.
Затронутые продукты:APPLE : iTunes 9.0
CVE:CVE-2010-1795 (Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory.)
 CVE-2010-1768 (Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch.)
 CVE-2010-0532 (Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse.)
 CVE-2010-0531 (Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file.)
 CVE-2010-0043 (ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.)
 CVE-2010-0042 (ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted TIFF image.)
 CVE-2010-0041 (ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted BMP image.)
 CVE-2010-0040 (Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow.)
 CVE-2009-2285 (Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.)
Оригинальный текстdocumentMitja Kolsek, ACROS Security: Remote Binary Planting in Apple iTunes for Windows (ASPR #2010-08-18-1) (19.08.2010)
 documentAPPLE, About the security content of iTunes 9.1 (19.08.2010)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород