cvelistv5 - CVE-2012-0677

CVE-2012-0677 (GCVE-0-2012-0677)

Vulnerability from cvelistv5

Published

2012-06-12 14:00

Modified

2024-08-06 18:30

Severity ?

CWE

Summary

Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist.

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

fkie_cve-2012-0677

Vulnerability from fkie_nvd

Published

2012-06-12 14:55

Modified

2025-04-11 00:51

Severity ?

Summary

Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist.

References

URL	Tags
product-security@apple.com	http://lists.apple.com/archives/security-announce/2012/Jun/msg00000.html	Vendor Advisory
product-security@apple.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17016
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2012/Jun/msg00000.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17016

Impacted products

Vendor	Product	Version
apple	itunes	*
apple	itunes	10.0
apple	itunes	10.0.1
apple	itunes	10.1
apple	itunes	10.1.1
apple	itunes	10.1.1.4
apple	itunes	10.1.2
apple	itunes	10.2
apple	itunes	10.2.2.12
apple	itunes	10.3
apple	itunes	10.3.1
apple	itunes	10.4
apple	itunes	10.4.0.80
apple	itunes	10.4.1
apple	itunes	10.4.1.10
apple	itunes	10.5
apple	itunes	10.5.1
apple	itunes	10.5.1.42
apple	itunes	10.5.2
apple	itunes	10.5.3
apple	itunes	10.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07D97E9C-D4BC-4B1D-B745-EA2F691BF8DF",
              "versionEndIncluding": "10.6.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5817849-ADD0-4905-87D5-4D61DB635747",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "96E90253-3F7D-4361-819B-5D49657F4472",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84336EBA-5EC0-4C49-B1B9-9DAB23D5C3C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CDE68E5-744B-4E18-BB74-83D7185E6A57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A599C14-8294-40D2-BCF2-183AF3D3AD84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2375C00-64ED-4027-810F-BA9E561385D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C720899-5ED4-4B7F-B90F-043DE7D91C44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.2.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "81A2EB90-E0C6-47B0-91BD-F77A721C163F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1CA3CEB-11D9-4B24-82A1-D7EE77C2E7B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FF65883-4445-4436-98C5-35D9D2E1907B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CCD602-FC35-4FD5-B976-4B585C5AA254",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.4.0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "D82F9D18-690C-4F81-A940-C509C5AC8D30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "00B09F07-11C7-4A0A-9367-3A12E9B21110",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.4.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "87884DFE-9254-4CF3-A002-16DB880AA0DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "78B3119A-8986-4F13-9156-F8C9D1D8BC06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCA7E822-3EEC-4BF1-93A3-3E474BB4651A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.5.1.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AC29E4A-A3C2-4D8A-B7AF-823A31EEEFF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6AACF2A-2CF0-4631-A979-B226D063275E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8020420-4C59-4536-9F73-AEC7999F766B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3822ACC2-5FEC-4F97-A5B2-8FE9D8EFC860",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de desbordamiento de b\u00fafer basado en pila en el iTunes de Apple antes de v10.6.3 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un un lista de reproducci\u00f3n .m3u espec\u00edficamente modificada para este fin."
    }
  ],
  "id": "CVE-2012-0677",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-06-12T14:55:01.250",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2012/Jun/msg00000.html"
    },
    {
      "source": "product-security@apple.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2012/Jun/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17016"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-w699-h5p9-7m5f

Vulnerability from github

Published

2022-05-17 00:59

Modified

2022-05-17 00:59

Details

Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-0677"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-06-12T14:55:00Z",
    "severity": "HIGH"
  },
  "details": "Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist.",
  "id": "GHSA-w699-h5p9-7m5f",
  "modified": "2022-05-17T00:59:46Z",
  "published": "2022-05-17T00:59:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0677"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17016"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2012/Jun/msg00000.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2012-0677

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist.

Aliases

CVE-2012-0677

Aliases

CVE-2012-0677

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-0677",
    "description": "Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist.",
    "id": "GSD-2012-0677",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2012-0677"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-0677"
      ],
      "details": "Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist.",
      "id": "GSD-2012-0677",
      "modified": "2023-12-13T01:20:14.474884Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "product-security@apple.com",
        "ID": "CVE-2012-0677",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "oval:org.mitre.oval:def:17016",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17016"
          },
          {
            "name": "APPLE-SA-2012-06-11-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2012/Jun/msg00000.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.4.0.80:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.1.1.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.5.1.42:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.4.1.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.2.2.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:10.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "10.6.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2012-0677"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2012-06-11-1",
              "refsource": "APPLE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2012/Jun/msg00000.html"
            },
            {
              "name": "oval:org.mitre.oval:def:17016",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17016"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2017-09-19T01:34Z",
      "publishedDate": "2012-06-12T14:55Z"
    }
  }
}

Deux vulnérabilités ont été corrigées dans iTunes. La première est un débordement de mémoire tampon dans le tas provoqué par l'entête d'un fichier « .m3u » spécialement conçu. La deuxième concerne la partie Webkit et permet une exécution de code arbitraire à distance au moyen d'un site web malveillant.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Versions antérieures à iTunes 10.6.3.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

var-201206-0336

Vulnerability from variot

Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist. Apple iTunes is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. iTunes is a free application for your Mac or PC. It lets you organize and play digital music and video on your computer. It can automatically download new music, app, and book purchases across all your devices and computers. And it’s a store that has everything you need to be entertained. Anywhere. a specially crafted .M3U file. Successful exploitation could allow execution of arbitrary code on the affected node.

--------------------------------------------------------------------------------

(940.fc0): Access violation - code c0000005 (!!! second chance !!!) eax=41414141 ebx=08508cd8 ecx=41414141 edx=052a6528 esi=052a64b0 edi=0559ef20 eip=41414141 esp=0012d8e8 ebp=7c90ff2d iopl=0 nv up ei pl nz na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000206 +0x41414130: 41414141 ?? ??? ~~~ (6b0.a04): Access violation - code c0000005 (!!! second chance !!!) eax=41414141 ebx=00000000 ecx=00000014 edx=41414141 esi=41414141 edi=0187e10d eip=0187deec esp=0b0cfcd0 ebp=0b0cfcf0 iopl=0 nv up ei pl nz na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000206 Defaulted to export symbols for C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - CoreFoundation!CFWriteStreamCreateWithAllocatedBuffers+0x40: 0187deec 8b00 mov eax,dword ptr [eax] ds:0023:41414141=????????
--------------------------------------------------------------------------------

Tested on: Microsoft Windows XP Professional SP3 EN (32bit)Microsoft Windows 7 Ultimate SP1 EN (64bit). Apple iTunes is a set of media player applications of Apple (Apple), which is mainly used for playing and managing digital music and video files. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

APPLE-SA-2012-06-11-1 iTunes 10.6.3

iTunes 10.6.3 is now available and addresses the following:

iTunes Available for: Mac OS X v10.5 or later, Windows 7, Vista, XP SP2 or later Impact: Importing a maliciously crafted .m3u playlist may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of .m3u playlists. CVE-ID CVE-2012-0677 : Gjoko Krstic of Zero Science Lab

WebKit Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in WebKit. CVE-ID CVE-2012-0672 : Adam Barth and Abhishek Arya of the Google Chrome Security Team

iTunes 10.6.3 may be obtained from: http://www.apple.com/itunes/download/

For Mac OS X: The download file is named: "iTunes10.6.3.dmg" Its SHA-1 digest is: e673e5cbd2955130efbc92a788fff178e66bd155

For Windows XP / Vista / Windows 7: The download file is named: "iTunesSetup.exe" Its SHA-1 digest is: 2618f701f1d1a853e33138a57bec193bcd08438e

For 64-bit Windows XP / Vista / Windows 7: The download file is named: "iTunes64Setup.exe" Its SHA-1 digest is: 3806af762a066fde3d7e83f86a429ae40175561e

Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJP1iVwAAoJEPefwLHPlZEwwCwQAK3GHSCBWGFlkIdf5A14STjH 418W8jBN7fYpZL04wnBxFC4n6r9213/TAIq+FBQAUpS1Q4442qWbJ7DUPCU34+aC 1nhRhL6vXCrfsIqZB7YdsGIrcSw3iAKpyszCyDfE6l4oqwQuGzeUsZ89ZTxvKMLw QYelU0izAJHcBKDJ+GiQCSZjoYgOha9dW1rDE50EIc274SoyZqHBV1hs2fSkslMq GWKgg3KGSt1QGf9dX9bE2Zgb6QYVXTr092/VuIvAP6GUn5ltMJ4Qu1+GUhzQXykj 6Av3gtrwoWHg7iG3X66+A3XQ6oIjKHTplA8LDC5a3g1bcECaJI/QDxfC4xIyIqhT HUJPy1FH6cFKTVGEF7h4HvcQKjpbt20UuCE4a9Om8PPw2P/iaBNnS+jV5AQ/RVwL nfhxNQkNg0rYmFfUFjNWajjK+YWgjTN/Ny3Ba4hTl66PV5OSHtkQtIJtDTJcAxP0 7hX/CaEU9TnJl5HKmlhNv1PvqMmM951N39ODbf+zG23yVw+2hmE1SWDcJxAAv1LD sCMFh5vesPb/7Bvbc1Qi23lX27gjYA3bzPnwREdEQ+9nyiKbwFAvIZ5KwszIdmlR qIlGpIvpQOJYEC3aVq7tDlABkwF7pBaAGOQqYpP8O+iM7kJNDGCVaGWEL2OuVHjY bGLlmB3ueonyCP+g94nH =IxYx -----END PGP SIGNATURE----- . ----------------------------------------------------------------------

Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch

TITLE: Apple iTunes Two Vulnerabilities

SECUNIA ADVISORY ID: SA49489

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49489/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49489

RELEASE DATE: 2012-06-12

DISCUSS ADVISORY: http://secunia.com/advisories/49489/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/49489/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=49489

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Apple has reported two vulnerabilities in Apple iTunes, which can be exploited by malicious people to compromise a user's system.

2) A vulnerability is caused due to a bundled vulnerable version of WebKit.

For more information see vulnerability #3 in: SA48454

NOTE: This vulnerability does not affect the application on OS X Lion systems.

SOLUTION: Update to version 10.6.3.

Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Gjoko Krstic, Zero Science Lab. 2) Adam Barth and Abhishek Arya, Google Chrome Security Team.

ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT5318

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201206-0336",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "10.6"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apple",
        "version": "10.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.0.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.3.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.5.1.42"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.1.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.1.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.0"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apple",
        "version": "10.4.0.80"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "10.5.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "10.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apple",
        "version": "10.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.4"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.2.2.12"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.1.1.4"
      },
      {
        "model": "itunes",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.6.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.5.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.4.1.10"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.5.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.4.1"
      },
      {
        "model": "itunes",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "10.6.3"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "apple",
        "version": "10.6.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.2.2"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.1,
        "vendor": "apple",
        "version": "10.6.1.7 and 10.6.0.40"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2012-5093"
      },
      {
        "db": "BID",
        "id": "53933"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002670"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-154"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0677"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:apple:itunes",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002670"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Gjoko Krstic of Zero Science Lab",
    "sources": [
      {
        "db": "BID",
        "id": "53933"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2012-0677",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2012-0677",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-53958",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2012-0677",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2012-0677",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201206-154",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "ZSL",
            "id": "ZSL-2012-5093",
            "trust": 0.1,
            "value": "(4/5)"
          },
          {
            "author": "VULHUB",
            "id": "VHN-53958",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2012-5093"
      },
      {
        "db": "VULHUB",
        "id": "VHN-53958"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002670"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-154"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0677"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist. Apple iTunes is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. \nAttackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. iTunes is a free application for your Mac or PC. It lets you organize and play digital music and video on your computer. It can automatically download new music, app, and book purchases across all your devices and computers. And it\u2019s a store that has everything you need to be entertained. Anywhere. a specially crafted .M3U file. Successful exploitation could allow execution of arbitrary code on the affected node.\u003cbr/\u003e\u003cbr/\u003e\t--------------------------------------------------------------------------------\u003cbr/\u003e\u003cbr/\u003e\u003ccode\u003e (940.fc0): Access violation - code c0000005 (!!! second chance !!!)\u003cbr/\u003e eax=41414141 ebx=08508cd8 ecx=41414141 edx=052a6528 esi=052a64b0 edi=0559ef20\u003cbr/\u003e eip=41414141 esp=0012d8e8 ebp=7c90ff2d iopl=0         nv up ei pl nz na pe nc\u003cbr/\u003e cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000206\u003cbr/\u003e\u003cunloaded_card.dll\u003e+0x41414130:\u003cbr/\u003e 41414141 ??              ???\u003cbr/\u003e\u003cbr/\u003e ~~~\u003cbr/\u003e\u003cbr/\u003e (6b0.a04): Access violation - code c0000005 (!!! second chance !!!)\u003cbr/\u003e eax=41414141 ebx=00000000 ecx=00000014 edx=41414141 esi=41414141 edi=0187e10d\u003cbr/\u003e eip=0187deec esp=0b0cfcd0 ebp=0b0cfcf0 iopl=0         nv up ei pl nz na pe nc\u003cbr/\u003e cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000206\u003cbr/\u003e Defaulted to export symbols for C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\CoreFoundation.dll -\u003cbr/\u003e CoreFoundation!CFWriteStreamCreateWithAllocatedBuffers+0x40:\u003cbr/\u003e 0187deec 8b00            mov     eax,dword ptr [eax]  ds:0023:41414141=????????\u003cbr/\u003e\u003c/unloaded_card.dll\u003e\u003c/code\u003e\u003cbr/\u003e\t--------------------------------------------------------------------------------\u003cbr/\u003e\u003cbr/\u003eTested on: Microsoft Windows XP Professional SP3 EN (32bit)Microsoft Windows 7 Ultimate SP1 EN (64bit). Apple iTunes is a set of media player applications of Apple (Apple), which is mainly used for playing and managing digital music and video files. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2012-06-11-1 iTunes 10.6.3\n\niTunes 10.6.3 is now available and addresses the following:\n\niTunes\nAvailable for:  Mac OS X v10.5 or later, Windows 7, Vista,\nXP SP2 or later\nImpact:  Importing a maliciously crafted .m3u playlist may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A heap buffer overflow existed in the handling of .m3u\nplaylists. \nCVE-ID\nCVE-2012-0677 : Gjoko Krstic of Zero Science Lab\n\nWebKit\nAvailable for:  Windows 7, Vista, XP SP2 or later\nImpact:  Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A memory corruption issue existed in WebKit. \nCVE-ID\nCVE-2012-0672 : Adam Barth and Abhishek Arya of the Google Chrome\nSecurity Team\n\n\niTunes 10.6.3 may be obtained from:\nhttp://www.apple.com/itunes/download/\n\nFor Mac OS X:\nThe download file is named: \"iTunes10.6.3.dmg\"\nIts SHA-1 digest is: e673e5cbd2955130efbc92a788fff178e66bd155\n\nFor Windows XP / Vista / Windows 7:\nThe download file is named: \"iTunesSetup.exe\"\nIts SHA-1 digest is: 2618f701f1d1a853e33138a57bec193bcd08438e\n\nFor 64-bit Windows XP / Vista / Windows 7:\nThe download file is named: \"iTunes64Setup.exe\"\nIts SHA-1 digest is: 3806af762a066fde3d7e83f86a429ae40175561e\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.18 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJP1iVwAAoJEPefwLHPlZEwwCwQAK3GHSCBWGFlkIdf5A14STjH\n418W8jBN7fYpZL04wnBxFC4n6r9213/TAIq+FBQAUpS1Q4442qWbJ7DUPCU34+aC\n1nhRhL6vXCrfsIqZB7YdsGIrcSw3iAKpyszCyDfE6l4oqwQuGzeUsZ89ZTxvKMLw\nQYelU0izAJHcBKDJ+GiQCSZjoYgOha9dW1rDE50EIc274SoyZqHBV1hs2fSkslMq\nGWKgg3KGSt1QGf9dX9bE2Zgb6QYVXTr092/VuIvAP6GUn5ltMJ4Qu1+GUhzQXykj\n6Av3gtrwoWHg7iG3X66+A3XQ6oIjKHTplA8LDC5a3g1bcECaJI/QDxfC4xIyIqhT\nHUJPy1FH6cFKTVGEF7h4HvcQKjpbt20UuCE4a9Om8PPw2P/iaBNnS+jV5AQ/RVwL\nnfhxNQkNg0rYmFfUFjNWajjK+YWgjTN/Ny3Ba4hTl66PV5OSHtkQtIJtDTJcAxP0\n7hX/CaEU9TnJl5HKmlhNv1PvqMmM951N39ODbf+zG23yVw+2hmE1SWDcJxAAv1LD\nsCMFh5vesPb/7Bvbc1Qi23lX27gjYA3bzPnwREdEQ+9nyiKbwFAvIZ5KwszIdmlR\nqIlGpIvpQOJYEC3aVq7tDlABkwF7pBaAGOQqYpP8O+iM7kJNDGCVaGWEL2OuVHjY\nbGLlmB3ueonyCP+g94nH\n=IxYx\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nApple iTunes Two Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49489\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49489/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49489\n\nRELEASE DATE:\n2012-06-12\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49489/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49489/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49489\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nApple has reported two vulnerabilities in Apple iTunes, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\n2) A vulnerability is caused due to a bundled vulnerable version of\nWebKit. \n\nFor more information see vulnerability #3 in:\nSA48454\n\nNOTE: This vulnerability does not affect the application on OS X Lion\nsystems. \n\nSOLUTION:\nUpdate to version 10.6.3. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n1) Gjoko Krstic, Zero Science Lab. \n2) Adam Barth and Abhishek Arya, Google Chrome Security Team. \n\nORIGINAL ADVISORY:\nApple:\nhttp://support.apple.com/kb/HT5318\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-0677"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002670"
      },
      {
        "db": "BID",
        "id": "53933"
      },
      {
        "db": "ZSL",
        "id": "ZSL-2012-5093"
      },
      {
        "db": "VULHUB",
        "id": "VHN-53958"
      },
      {
        "db": "PACKETSTORM",
        "id": "113566"
      },
      {
        "db": "PACKETSTORM",
        "id": "113591"
      }
    ],
    "trust": 2.25
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.zeroscience.mk/codes/itunes_bof.txt",
        "trust": 0.1,
        "type": "poc"
      },
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-53958",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2012-5093"
      },
      {
        "db": "VULHUB",
        "id": "VHN-53958"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-0677",
        "trust": 2.9
      },
      {
        "db": "SECUNIA",
        "id": "49489",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002670",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "19773",
        "trust": 0.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-154",
        "trust": 0.7
      },
      {
        "db": "APPLE",
        "id": "APPLE-SA-2012-06-11-1",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "53933",
        "trust": 0.5
      },
      {
        "db": "PACKETSTORM",
        "id": "113566",
        "trust": 0.3
      },
      {
        "db": "PACKETSTORM",
        "id": "113555",
        "trust": 0.2
      },
      {
        "db": "EXPLOIT-DB",
        "id": "19098",
        "trust": 0.2
      },
      {
        "db": "OSVDB",
        "id": "82897",
        "trust": 0.1
      },
      {
        "db": "VULDB",
        "id": "5552",
        "trust": 0.1
      },
      {
        "db": "CXSECURITY",
        "id": "WLB-2012060148",
        "trust": 0.1
      },
      {
        "db": "SECTRACK",
        "id": "1027142",
        "trust": 0.1
      },
      {
        "db": "ZSL",
        "id": "ZSL-2012-5093",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-73064",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-73321",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "19387",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-53958",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "113591",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2012-5093"
      },
      {
        "db": "VULHUB",
        "id": "VHN-53958"
      },
      {
        "db": "BID",
        "id": "53933"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002670"
      },
      {
        "db": "PACKETSTORM",
        "id": "113566"
      },
      {
        "db": "PACKETSTORM",
        "id": "113591"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-154"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0677"
      }
    ]
  },
  "id": "VAR-201206-0336",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-53958"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T21:06:54.500000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT5318",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT5318"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002670"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-53958"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002670"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0677"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2012/jun/msg00000.html"
      },
      {
        "trust": 1.1,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a17016"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0677"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu626251"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0677"
      },
      {
        "trust": 0.7,
        "url": "http://secunia.com/advisories/49489"
      },
      {
        "trust": 0.7,
        "url": "http://www.nsfocus.net/vulndb/19773"
      },
      {
        "trust": 0.2,
        "url": "http://support.apple.com/kb/ht5318"
      },
      {
        "trust": 0.2,
        "url": "http://support.apple.com/kb/ht1222"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/itunes/download"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-0677"
      },
      {
        "trust": 0.1,
        "url": "https://isc.sans.edu/diary/apple+itunes+security+update/13435"
      },
      {
        "trust": 0.1,
        "url": "http://cxsecurity.com/issue/wlb-2012060148"
      },
      {
        "trust": 0.1,
        "url": "http://www.exploit-db.com/exploits/19098/"
      },
      {
        "trust": 0.1,
        "url": "http://packetstormsecurity.org/files/113555"
      },
      {
        "trust": 0.1,
        "url": "http://packetstormsecurity.org/files/113566"
      },
      {
        "trust": 0.1,
        "url": "http://www.securelist.com/en/advisories/49489"
      },
      {
        "trust": 0.1,
        "url": "http://www.securitytracker.com/id/1027142"
      },
      {
        "trust": 0.1,
        "url": "http://osvdb.org/show/osvdb/82897"
      },
      {
        "trust": 0.1,
        "url": "http://www.scmagazine.com.au/news/304973,booby-trapped-playlist-pwns-itunes.aspx"
      },
      {
        "trust": 0.1,
        "url": "http://www.crn.com.au/news/304998,booby-trapped-playlist-hits-itunes.aspx"
      },
      {
        "trust": 0.1,
        "url": "http://lists.virus.org/apple-security-1206/msg00000.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.camcert.gov.kh/?p=1201"
      },
      {
        "trust": 0.1,
        "url": "http://securityvulns.com/docs28127.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.net-security.org/advisory.php?id=14441"
      },
      {
        "trust": 0.1,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2012-06/0051.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.cert.be/pro/node/12532"
      },
      {
        "trust": 0.1,
        "url": "http://sylvar.tumblr.com/post/25087980360/apple-itunes-10-6-1-7-m3u-playlist-file-walking"
      },
      {
        "trust": 0.1,
        "url": "http://www.securityfocus.com/bid/53933"
      },
      {
        "trust": 0.1,
        "url": "http://www.nessus.org/plugins/index.php?view=single\u0026amp;id=59497"
      },
      {
        "trust": 0.1,
        "url": "http://www.nessus.org/plugins/index.php?view=single\u0026amp;id=59498"
      },
      {
        "trust": 0.1,
        "url": "http://www.nessus.org/plugins/index.php?view=single\u0026amp;id=59499"
      },
      {
        "trust": 0.1,
        "url": "http://www.scmagazine.com/itunes-vulnerability-may-enable-remote-code-execution/article/246207/"
      },
      {
        "trust": 0.1,
        "url": "http://www.informationweek.com/aroundtheweb/security/itunes-vulnerability-may-enable-remote-c/704d55486d51544d524931735147714b49364f5558773d3d"
      },
      {
        "trust": 0.1,
        "url": "http://www.msnbc.msn.com/id/47876553/ns/technology_and_science-security/"
      },
      {
        "trust": 0.1,
        "url": "http://www.libertas.mk/vest/28065/makedonski-it-ekspert-otkri-opasen-bezbednosen-defekt-vo-itjuns"
      },
      {
        "trust": 0.1,
        "url": "http://www.scip.ch/en/?vuldb.5552"
      },
      {
        "trust": 0.1,
        "url": "http://www.infosecurity-magazine.com/view/26492/researcher-publishes-proofofconcept-exploit-for-itunes/"
      },
      {
        "trust": 0.1,
        "url": "http://www.intego.com/mac-security-blog/time-to-update-itunes/"
      },
      {
        "trust": 0.1,
        "url": "http://tif.mcafee.com/threats/3500"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0672"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0677"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/itunes/download/"
      },
      {
        "trust": 0.1,
        "url": "http://gpgtools.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/psi_30_beta_launch"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49489/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49489"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/49489/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2012-5093"
      },
      {
        "db": "VULHUB",
        "id": "VHN-53958"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002670"
      },
      {
        "db": "PACKETSTORM",
        "id": "113566"
      },
      {
        "db": "PACKETSTORM",
        "id": "113591"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-154"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0677"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZSL",
        "id": "ZSL-2012-5093"
      },
      {
        "db": "VULHUB",
        "id": "VHN-53958"
      },
      {
        "db": "BID",
        "id": "53933"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002670"
      },
      {
        "db": "PACKETSTORM",
        "id": "113566"
      },
      {
        "db": "PACKETSTORM",
        "id": "113591"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-154"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-0677"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-12T00:00:00",
        "db": "ZSL",
        "id": "ZSL-2012-5093"
      },
      {
        "date": "2012-06-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-53958"
      },
      {
        "date": "2012-06-11T00:00:00",
        "db": "BID",
        "id": "53933"
      },
      {
        "date": "2012-06-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002670"
      },
      {
        "date": "2012-06-12T22:20:34",
        "db": "PACKETSTORM",
        "id": "113566"
      },
      {
        "date": "2012-06-13T02:54:15",
        "db": "PACKETSTORM",
        "id": "113591"
      },
      {
        "date": "2012-06-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-154"
      },
      {
        "date": "2012-06-12T14:55:01.250000",
        "db": "NVD",
        "id": "CVE-2012-0677"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-06-01T00:00:00",
        "db": "ZSL",
        "id": "ZSL-2012-5093"
      },
      {
        "date": "2017-09-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-53958"
      },
      {
        "date": "2012-06-17T00:01:00",
        "db": "BID",
        "id": "53933"
      },
      {
        "date": "2012-06-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002670"
      },
      {
        "date": "2012-06-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-154"
      },
      {
        "date": "2024-11-21T01:35:31.127000",
        "db": "NVD",
        "id": "CVE-2012-0677"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-154"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apple iTunes Heap-based buffer overflow vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002670"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-154"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2012-0677 (GCVE-0-2012-0677)

Vulnerability from cvelistv5

fkie_cve-2012-0677

Vulnerability from fkie_nvd

ghsa-w699-h5p9-7m5f

Vulnerability from github

gsd-2012-0677

Vulnerability from gsd

CERTA-2012-AVI-329

Vulnerability from certfr_avis

Solution

var-201206-0336

Vulnerability from variot

Tags

Sightings

Nomenclature