CVE-2021-47803

iFunbox 4.2 contains an unquoted service path vulnerability in the Apple Mobile Device Service that allows local attackers to execute code with elevated privileges. Attackers can insert a malicious executable into the unquoted service path to run with LocalSystem privileges when the service...

CVE-2021-47803 iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path

iFunbox 4.2 contains an unquoted service path vulnerability in the Apple Mobile Device Service that allows local attackers to execute code with elevated privileges. Attackers can insert a malicious executable into the unquoted service path to run with LocalSystem privileges when the service...

CVE-2021-47803

CVE-2021-47803 concerns iFunbox 4.2, where an unquoted service path in the Apple Mobile Device Service enables local attackers to execute code with elevated privileges. The root cause is an unquoted service path allowing a malicious executable to be started when the service restarts, leading to L...

CVE-2021-47803 iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path

iFunbox 4.2 contains an unquoted service path vulnerability in the Apple Mobile Device Service that allows local attackers to execute code with elevated privileges. Attackers can insert a malicious executable into the unquoted service path to run with LocalSystem privileges when the service...

Apple iTunes Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple iTunes. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Apple Mobile Device...

About the security content of iTunes 12.12.4 for Windows

About the security content of iTunes 12.12.4 for Windows This document describes the security content of iTunes 12.12.4 for Windows. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

Apple iTunes 权限许可和访问控制问题漏洞

Apple iTunes is a suite of media player applications from Apple Inc. that are used to play and manage digital music and video files. A permission and access control issue exists in Apple iTunes Mobile Device Service, which arises from the application not properly securing the mobile device servic...

iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path

Exploit Title: iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path Date: 2021-06-18 Exploit Author: Julio Aviña Vendor Homepage: https://www.i-funbox.com/en/index.html Software Link: https://www.i-funbox.com/download/ifunboxsetup4.2.exe Version: 4.2 Service File Version: 486.0.2.23...

iFunbox 4.2 - (Apple Mobile Device Service) Unquoted Service Path Vulnerability

Exploit Title: iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path Exploit Author: Julio Aviña Vendor Homepage: https://www.i-funbox.com/en/index.html Software Link: https://www.i-funbox.com/download/ifunboxsetup4.2.exe Version: 4.2 Service File Version: 486.0.2.23 Tested on: Window...

iFunbox 4.2 Unquoted Service Path

Exploit Title: iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path Date: 2021-06-18 Exploit Author: Julio Aviña Vendor Homepage: https://www.i-funbox.com/en/index.html Software Link: https://www.i-funbox.com/download/ifunboxsetup4.2.exe Version: 4.2 Service File Version: 486.0.2.23...

KLA11651 Multiple vulnerabilities in Apple iTunes

Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, perform cross-site scripting attack, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Multiple memory corruption...