Full Disclosure mailing list archives
!ADVISORY! | x Thu Mar 16 03:00:40 EST 2006 x | Heap Overflow in Apple iTunes
From: naveedafzal () gmail com
Date: Thu, 16 Mar 2006 08:00:46 +0000 (GMT)
!ADVISORY! | x Thu Mar 16 03:00:40 EST 2006 x | Heap Overflow in Apple iTunes 8==========================D~~~~~~~~~~~~~~~~~ 8===D BACKGROUND 8==========================D~~~~~~~~~~~~~~~~~ This problem had no background. 8==========================D~~~~~~~~~~~~~~~~~ 8===D DESCRIPTION 8==========================D~~~~~~~~~~~~~~~~~ It is possible to make Apple iTunes crash or run arbitrary code by the use of malformed input. 8==========================D~~~~~~~~~~~~~~~~~ 8===D VENDOR RESPONSE 8==========================D~~~~~~~~~~~~~~~~~ Apple iTunes had extended no explanation on the problem at hand. 8==========================D~~~~~~~~~~~~~~~~~ 8===D CVE INFORMATION 8==========================D~~~~~~~~~~~~~~~~~ The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-258518 to this issue 8==========================D~~~~~~~~~~~~~~~~~ APPENDIX A VENDOR INFORMATION 8==========================D~~~~~~~~~~~~~~~~~ http://www.apple.com/itunes/ 8==========================D~~~~~~~~~~~~~~~~~ CONTACT 8==========================D~~~~~~~~~~~~~~~~~ naveed naveedafzal () gmail com GSAE CEH CSFA SSP-CNSA GWAS SSCP _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- !ADVISORY! | x Thu Mar 16 03:00:40 EST 2006 x | Heap Overflow in Apple iTunes naveedafzal (Mar 16)