Multiple vulnerabilities in Apple iTunes

Açıklama

Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. A code execution vulnerability in ImageIO can be exploited via special crafted image to execute arbitrary code.
2. A memory corruption vulnerability in WebKit can be exploited via special crafted web content to execute arbitrary code.
3. A type confusion vulnerability in Foundation can be exploited via special crafted webpage to execute arbitrary code.
4. A memory corruption vulnerability in ImageIO can be exploited via special crafted image to execute arbitrary code.
5. A remote code execution vulnerability in CoreGraphics can be exploited remotely to execute arbitrary code.
6. A security bypass vulnerability in WebKit can be exploited to bypass security restrictions.

Orijinal öneriler

• About the security content of iTunes 12.12 for Windows

Kötüye kullanma

Public exploits exist for this vulnerability.

İlgili ürünler

• Apple-iTunes

CVE Listesi

• CVE-2021-30835
  critical
• CVE-2021-30849
  critical
• CVE-2021-30847
  critical
• CVE-2021-30814
  critical
• CVE-2021-30823
  high
• CVE-2021-30852
  critical
• CVE-2021-30928
  critical

Daha fazlasını okuyun

Bölgenizde yayılan güvenlik açıklarının istatistiklerini öğrenin statistics.securelist.com