Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.ITUNES_7_4.NASL
HistorySep 07, 2007 - 12:00 a.m.

Apple iTunes < 7.4 Malformed Music File Heap Overflow (credentialed check)

2007-09-0700:00:00
This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
www.tenable.com
8
JSON

The remote host is running Apple iTunes, a popular media player.

The remote version of iTunes is vulnerable to a heap overflow when it parses a specially crafted MP4/AAC file. By tricking a user into opening such a file, a remote attacker may be able to leverage this issue to execute arbitrary code on the affected host, subject to the privileges of the user running the application.

#
#  (C) Tenable Network Security, Inc.
#


include("compat.inc");

if (description)
{
  script_id(25998);
  script_version("1.18");
 script_cvs_date("Date: 2018/11/15 20:50:27");

  script_cve_id("CVE-2007-3752");
  script_bugtraq_id(25567);

  script_name(english:"Apple iTunes < 7.4 Malformed Music File Heap Overflow (credentialed check)");
  script_summary(english:"Check the version of iTunes");

 script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains an application that is affected by a
remote code execution flaw.");
 script_set_attribute(attribute:"description", value:
"The remote host is running Apple iTunes, a popular media player.

The remote version of iTunes is vulnerable to a heap overflow when
it parses a specially crafted MP4/AAC file.  By tricking a user into
opening such a file, a remote attacker may be able to leverage this
issue to execute arbitrary code on the affected host, subject to the
privileges of the user running the application.");
 script_set_attribute(attribute:"see_also", value:"https://support.apple.com/?artnum=306404");
 script_set_attribute(attribute:"solution", value:
"Upgrade to Apple iTunes 7.4 or later.");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");
 script_cwe_id(119);
 script_set_attribute(attribute:"plugin_publication_date", value:"2007/09/07");
 script_set_attribute(attribute:"vuln_publication_date", value:"2007/09/06");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:itunes");
script_end_attributes();


  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");
  script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
  script_dependencies("itunes_detect.nasl");
  script_require_keys("SMB/iTunes/Version");

  exit(0);
}


vers = get_kb_item("SMB/iTunes/Version");
if ( isnull(vers) ) exit(0);
vers = split(vers, sep:'.', keep:FALSE);
if ( int(vers[0]) > 0 && (
     int(vers[0]) < 7 ||
     (int(vers[0]) == 7 && int(vers[1]) < 4 ) ) )
	security_hole(get_kb_item("SMB/transport"));
VendorProductVersionCPE
appleitunescpe:/a:apple:itunes

Related

prion 1
nessus 2
cve 1
prion
prion
Heap overflow
2007-09-06 21:17:00
nessus
nessus
iTunes < 7.4 Malformed Music File Heap Overflow (Mac OS X)
2007-09-07 00:00:00
Apple iTunes < 7.4 Malformed Music File Heap Overflow (uncredentialed check)
2007-09-07 00:00:00
cve
cve
CVE-2007-3752
2007-09-06 21:17:00
JSON
Related for ITUNES_7_4.NASL
prion1nessus2cve1