‫ Apple iTunes Multiple Vulnerabilities

IRCAD2013052701
ID: IRCAD2013052701
Release Date: 2013-05-17
Criticality level: Highly critical
Software:
Apple iTunes 11.x
Description:                                                         
Multiple vulnerabilities have been reported in Apple iTunes, which can be exploited by malicious people to conduct spoofing attacks and compromise a user's system.
1) The application does not properly validate SSL server certificates, which can be exploited to e.g. conduct Man-in-the-Middle (MitM) attacks.
2) Some unspecified errors exist within the WebKit component. No further information is currently available.
3) Some vulnerabilities are caused due to a bundled vulnerable version of WebKit.
The vulnerabilities are reported in versions prior to 11.0.3.
Solution
Update to version 11.0.3.
References:
APPLE-SA-2013-05-16-1:
Secunia
http://secunia.com/advisories/53471/

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 29 اردیبهشت 1392

امتیاز

امتیاز شما
تعداد امتیازها:0