Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60206
HistoryJun 13, 2012 - 12:00 a.m.

Apple iTunes执行任意代码和拒绝服务漏洞

2012-06-1300:00:00
Root
www.seebug.org
22

0.869 High

EPSS

Percentile

98.3%

JSON

CVE ID: CVE-2012-0672,CVE-2012-0677

iTunes是一款媒体播放器的应用程序,2001年1月10日由苹果电脑在旧金山的Macworld Expo推出,用来播放以及管理数字音乐和与视频文件,是管理苹果iPod的文件的主要工具。

Apple iTunes在捆绑的WebKit中存在有漏洞版本,并且在处理特制的M3U (".m3u")文件列表时存在错误可被利用造成堆缓冲区溢出,执行任意代码,从而控制用户系统。该漏洞不影响OS X Lion系统上的应用。
0
Apple iTunes 10.x
厂商补丁:

Apple

Apple已经为此发布了一个安全公告(HT5318)以及相应补丁:

HT5318:About the security content of iTunes 10.6.3

链接:http://support.apple.com/kb/HT5318

Related

nessus 10
securityvulns 4
ubuntucve 1
saint 4
canvas 1
prion 2
checkpoint_advisories 2
zeroscience 1
exploitpack 2
packetstorm 2
seebug 2
openvas 10
cve 2
exploitdb 2
ubuntu 1
nessus
nessus
iTunes < 10.6.3 Multiple Vulnerabilities
2012-06-19 00:00:00
Apple iTunes < 10.6.3 Multiple Vulnerabilities (uncredentialed check)
2012-06-14 00:00:00
Apple iTunes < 10.6.3 Multiple Vulnerabilities (credentialed check)
2012-06-14 00:00:00
securityvulns
securityvulns
Apple iTunes security vulnerabilities
2012-06-12 00:00:00
APPLE-SA-2012-06-11-1 iTunes 10.6.3
2012-06-12 00:00:00
APPLE-SA-2012-05-07-1 iOS 5.1.1 Software Update
2012-05-09 00:00:00
ubuntucve
ubuntucve
CVE-2012-0672
2012-05-08 00:00:00
saint
saint
iTunes m3u Playlist Overflow
2012-07-03 00:00:00
iTunes m3u Playlist Overflow
2012-07-03 00:00:00
iTunes m3u Playlist Overflow
2012-07-03 00:00:00
canvas
canvas
Immunity Canvas: ITUNES_10_6_1
2012-06-12 14:55:00
prion
prion
Memory corruption
2012-05-08 10:25:00
Heap overflow
2012-06-12 14:55:00
checkpoint_advisories
checkpoint_advisories
Apple iTunes m3u Playlist Multiple Buffer Overflows (CVE-2012-0677)
2012-09-04 00:00:00
Apple iTunes m3u Playlist Multiple Buffer Overflows - High Confidence (CVE-2012-0677)
2013-03-03 00:00:00
zeroscience
zeroscience
Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow
2012-06-12 00:00:00
exploitpack
exploitpack
Apple iTunes 10.6.1.7 - .m3u Walking Heap Buffer Overflow (PoC)
2012-06-13 00:00:00
Apple iTunes 10.6.1.7 - Extended m3u Stack Buffer Overflow (Metasploit)
2012-06-21 00:00:00
packetstorm
packetstorm
iTunes Extended M3U Stack Buffer Overflow
2012-06-21 00:00:00
Apple iTunes 10.6.1.7 M3U Playlist Buffer Overflow
2012-06-12 00:00:00
seebug
seebug
Apple iTunes <= 10.6.1.7 Extended m3u Stack Buffer Overflow
2014-07-01 00:00:00
Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow
2014-07-01 00:00:00
openvas
openvas
Apple iTunes '.m3u' Playlist Code Execution Vulnerabilities (Windows)
2012-06-12 00:00:00
Apple iTunes '.m3u' Playlist Code Execution Vulnerability (Mac OS X)
2012-06-12 00:00:00
Apple iTunes '.m3u' Playlist Code Execution Vulnerabilities - Windows
2012-06-12 00:00:00
cve
cve
CVE-2012-0677
2012-06-12 14:55:00
CVE-2012-0672
2012-05-08 10:25:00
exploitdb
exploitdb
Apple iTunes 10.6.1.7 - Extended m3u Stack Buffer Overflow (Metasploit)
2012-06-21 00:00:00
Apple iTunes 10.6.1.7 - &#039;.m3u&#039; Walking Heap Buffer Overflow (PoC)
2012-06-13 00:00:00
ubuntu
ubuntu
WebKit vulnerabilities
2012-08-08 00:00:00

0.869 High

EPSS

Percentile

98.3%

JSON
Related for SSV:60206
nessus10securityvulns4ubuntucve1saint4canvas1prion2checkpoint_advisories2zeroscience1exploitpack2packetstorm2seebug2openvas10cve2exploitdb2ubuntu1