RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2013:1014)

Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

APPLE-SA-2013-05-16-1 iTunes 11.0.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-05-16-1 iTunes 11.0.3 iTunes 11.0.3 is now available and addresses the following: iTunes Available for: Mac OS X v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: An attacker in a privileged network position may manipulate HTTP...

KLA10076 Multiple vulnerabilities in Apple iTunes

Multiple critical vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or spoof HTTPS servers. Below is a complete list of vulnerabilities 1. Vectors related to browsing the iTunes Store can be...

CVE-2013-1014

Apple iTunes before 11.0.3 is affected by a certificate validation flaw: it does not properly verify X.509 certificates, allowing a man-in-the-middle to spoof HTTPS servers with an arbitrary valid certificate. The vulnerability concerns iTunes on Windows and macOS platforms; exploitation could en...