‫ Apple iTunes Two Vulnerabilities

IRCAD2012061976
ID: IRCAD2012061976
Release Date: 2012-06-12
Criticality level: Highly critical
 
Software:
Apple iTunes 10.x
 
Description:
Apple has reported two vulnerabilities in Apple iTunes, which can be exploited by malicious people to compromise a user's system.
1) An error in the handling of .m3u playlists can be exploited to cause a heap-based buffer overflow via a specially crafted M3U (".m3u") file.
2) A vulnerability is caused due to a bundled vulnerable version of WebKit.
NOTE: This vulnerability does not affect the application on OS X Lion systems.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
 
Solution
Update to version 10.6.3.
 
References:
Apple:
 
Secunia:
http://secunia.com/advisories/49489/

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 23 خرداد 1391

امتیاز

امتیاز شما
تعداد امتیازها:0