Beschreibung
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information.
Below is a complete list of vulnerabilities:
- An access issue can be exploited remotely to execute arbitrary code with system privileges;
- An out-of-bounds read in libxml2 component can be exploited remotely via a specially XML document to obtain sensitive information;
- Multiple memory corruption vulnerabilities in WebKit, WebKit Page Loading and WebKit Web Inspector components can be exploited remotely via a specially designed web content to execute arbitrary code;
- A memory initialization issue in WebKit component can be exploited remotely to obtain sensitive information.
Technical details
Exploiting vulnerability (4) allows to read restricted memory.
Ursprüngliche Informationshinweise
CVE Liste
- CVE-2017-7041 critical
- CVE-2017-7042 critical
- CVE-2017-7043 critical
- CVE-2017-7046 critical
- CVE-2017-7048 critical
- CVE-2017-7049 critical
- CVE-2017-7052 critical
- CVE-2017-7053 critical
- CVE-2017-7055 critical
- CVE-2017-7056 critical
- CVE-2017-7061 critical
- CVE-2017-7064 critical
- CVE-2017-7010 critical
- CVE-2017-7012 critical
- CVE-2017-7013 critical
- CVE-2017-7018 critical
- CVE-2017-7019 critical
- CVE-2017-7020 critical
- CVE-2017-7030 critical
- CVE-2017-7034 critical
- CVE-2017-7037 critical
- CVE-2017-7039 critical
- CVE-2017-7040 critical
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!