Описание
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service.
Below is a complete list of vulnerabilities
- Multiple memory corruptions at WebKit can be exploited via iTunes Store manipulations;
- Multiple memory corruptions can be exploited via vectors related to CoreText.
Technical details
(1) can be triggered via man-in-the-middle attack while browsing iTunes Store.
(2) caused by improper memory handling while text files processing.
Первичный источник обнаружения
Связанные продукты
Список CVE
- CVE-2015-7012 high
- CVE-2015-7011 high
- CVE-2015-7017 critical
- CVE-2015-7014 high
- CVE-2015-6975 critical
- CVE-2015-6992 critical
- CVE-2015-7013 high
- CVE-2015-5931 high
- CVE-2015-7002 high
- CVE-2015-5929 high
- CVE-2015-5930 high
- CVE-2015-5928 high
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!