Apple iTunes Multiple Flaws Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID: 1026163
SecurityTracker URL: http://securitytracker.com/id/1026163
CVE Reference:
CVE-2011-0259, CVE-2011-2338, CVE-2011-2339, CVE-2011-2341, CVE-2011-2352, CVE-2011-2354, CVE-2011-2356, CVE-2011-2809, CVE-2011-2811, CVE-2011-2813, CVE-2011-2814, CVE-2011-2815, CVE-2011-2816, CVE-2011-2817, CVE-2011-2820, CVE-2011-2823, CVE-2011-2827, CVE-2011-2831, CVE-2011-3219, CVE-2011-3233, CVE-2011-3234, CVE-2011-3235, CVE-2011-3236, CVE-2011-3237, CVE-2011-3238, CVE-2011-3239, CVE-2011-3241, CVE-2011-3244, CVE-2011-3252
Updated: Oct 12 2011
Original Entry Date: Oct 11 2011
Impact:
Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): prior to 10.5
Description:
Multiple vulnerabilities were reported in iTunes. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create specially crafted content that, when loaded by the target user, will trigger a memory corruption error in WebKit and execute arbitrary code on the target system. The code will run with the privileges of the target user.
The following CVE numbers apply:
CVE-2011-2338
CVE-2011-2339
CVE-2011-2341
CVE-2011-2352
CVE-2011-2354
CVE-2011-2356
CVE-2011-2809
CVE-2011-2811
CVE-2011-2813
CVE-2011-2814
CVE-2011-2815
CVE-2011-2816
CVE-2011-2817
CVE-2011-2820
CVE-2011-2823
CVE-2011-2827
CVE-2011-2831
CVE-2011-3233
CVE-2011-3234
CVE-2011-3235
CVE-2011-3236
CVE-2011-3237
CVE-2011-3238
CVE-2011-3239
CVE-2011-3241
CVE-2011-3244
A remote user can create a specially crafted movie file to trigger a buffer overflow in the processing of H.264 encoded movie files [CVE-2011-3219].
A remote user can create specially crafted audio content that, when loaded by the target user, will trigger a buffer overflow in the processing of audio streams encoded with Advanced Audio Coding (AAC) [CVE-2011-3252]. Mac OS X Lion is not affected.
A remote user can conduct a man-in-the-middle attack to trigger a memory corruption error in the processing of string tokenization [CVE-2011-0259]. Mac OS X Lion is not affected.
Abhishek Arya (Inferno) of Google Chrome Security Team, Cris Neckar of the Google Chrome Security Team, Adam Barth and Abhishek Arya of Google Chrome Security Team, SkyLined of Google Chrome Security Team, Raman Tenneti and Philip Rogers of Google, miaubiz, Sadrul Habib Chowdhury of the Chromium development community, Dimitri Glazkov, Kent Tamura, and Dominic Cooney of the Chromium development community, Martin Barbella, Slawomir Blazek, vkouchna, Damian Put (via TippingPoint's Zero Day Initiative), and Luigi Auriemma (via TippingPoint's Zero Day Initiative) reported these vulnerabilities.
Impact:
A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:
The vendor has issued a fix (10.5), available from:
http://www.apple.com/itunes/download/
For Windows XP / Vista / Windows 7:
The download file is named: "iTunesSetup.exe"
Its SHA-1 digest is: 1205cda4ce9a32db2fe02cf9f2cf2c0bf7d47bdb
For 64-bit Windows XP / Vista / Windows 7:
The download file is named: "iTunes64Setup.exe"
Its SHA-1 digest is: ab400ad27a537613b3b5306ea026763a93d57fdf
The vendor's advisory is available at:
http://support.apple.com/kb/HT4981
Vendor URL: support.apple.com/kb/HT4981
Cause:
Access control error, Boundary error
Underlying OS:
Windows (Any)
Message History:
None.