Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

!ADVISORY! | x Thu Mar 16 03:00:40 EST 2006 x | Heap Overflow in Apple iTunes

From: naveedafzal () gmail com
Date: Thu, 16 Mar 2006 08:00:46 +0000 (GMT)



!ADVISORY! | x Thu Mar 16 03:00:40 EST 2006 x | Heap Overflow in Apple iTunes




8==========================D~~~~~~~~~~~~~~~~~
8===D BACKGROUND
8==========================D~~~~~~~~~~~~~~~~~
This problem had no background.
8==========================D~~~~~~~~~~~~~~~~~
8===D DESCRIPTION
8==========================D~~~~~~~~~~~~~~~~~
It is possible to make Apple iTunes crash or run arbitrary code by the use of malformed input.

8==========================D~~~~~~~~~~~~~~~~~
8===D VENDOR RESPONSE
8==========================D~~~~~~~~~~~~~~~~~
Apple iTunes had extended no explanation on the problem at hand.
8==========================D~~~~~~~~~~~~~~~~~
8===D CVE INFORMATION
8==========================D~~~~~~~~~~~~~~~~~
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-258518 to this issue

8==========================D~~~~~~~~~~~~~~~~~
APPENDIX A VENDOR INFORMATION
8==========================D~~~~~~~~~~~~~~~~~
http://www.apple.com/itunes/



8==========================D~~~~~~~~~~~~~~~~~
CONTACT
8==========================D~~~~~~~~~~~~~~~~~
naveed naveedafzal () gmail com

GSAE CEH CSFA SSP-CNSA GWAS SSCP 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: