Multiple vulnerabilities in Apple iTunes

Описание

Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. A code execution vulnerability in ImageIO can be exploited via special crafted image to execute arbitrary code.
2. A memory corruption vulnerability in WebKit can be exploited via special crafted web content to execute arbitrary code.
3. A type confusion vulnerability in Foundation can be exploited via special crafted webpage to execute arbitrary code.
4. A memory corruption vulnerability in ImageIO can be exploited via special crafted image to execute arbitrary code.
5. A remote code execution vulnerability in CoreGraphics can be exploited remotely to execute arbitrary code.
6. A security bypass vulnerability in WebKit can be exploited to bypass security restrictions.

Первичный источник обнаружения

• About the security content of iTunes 12.12 for Windows
  

Связанные продукты

• Apple-iTunes

Список CVE

• CVE-2021-30835
  high
• CVE-2021-30849
  high
• CVE-2021-30847
  high
• CVE-2021-30814
  high
• CVE-2021-30823
  warning
• CVE-2021-30852
  high
• CVE-2021-30928
  high

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com