Full Disclosure mailing list archives
[Advisory] $ x Thu Mar 16 14:02:04 EST 2006 x $ Buffer Overflow in Apple iTunes
From: peak () argo troja mff cuni cz
Date: Thu, 16 Mar 2006 19:02:08 +0000 (GMT)
[Advisory] $ x Thu Mar 16 14:02:04 EST 2006 x $ Buffer Overflow in Apple iTunes ------------------------------------------------------ 8===D DESCRIPTION ------------------------------------------------------ It is possible to make Apple iTunes crash or run arbitrary code by the use of malformed input. ------------------------------------------------------ 8===D VENDOR RESPONSE ------------------------------------------------------ Apple iTunes has extended no information regarding the vulnerability in question. ------------------------------------------------------ 8===D CVE INFORMATION ------------------------------------------------------ The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-105072 to this issue ------------------------------------------------------ APPENDIX A VENDOR INFORMATION ------------------------------------------------------ http://www.apple.com/itunes/ ------------------------------------------------------ CONTACT ------------------------------------------------------ Pavel Kankovsky peak () argo troja mff cuni cz CISSP CCE CEH CSFA GREM SSP-CNSA SSP-MPA GWAS CAP SSCP _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [Advisory] $ x Thu Mar 16 14:02:04 EST 2006 x $ Buffer Overflow in Apple iTunes peak (Mar 16)