Apple iTunes '.m3u' File Remote Stack Buffer Overflow Vulnerability
Severity: : Critical
CVE Kennungen: : CVE-2012-0677
Advisory Date: 21 de июля de 2015
DESCRIPTION
Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1005068
Trend Micro Deep Security DPI Rule Name: 1005068 - Apple iTunes 'm3u' Stack Based Buffer Overflow Vulnerability
AFFECTED SOFTWARE AND VERSION:
- apple itunes 10.0
- apple itunes 10.0.1
- apple itunes 10.1
- apple itunes 10.1.1
- apple itunes 10.1.1.4
- apple itunes 10.1.2
- apple itunes 10.2
- apple itunes 10.2.2.12
- apple itunes 10.3
- apple itunes 10.3.1
- apple itunes 10.4
- apple itunes 10.4.0.80
- apple itunes 10.4.1
- apple itunes 10.4.1.10
- apple itunes 10.5
- apple itunes 10.5.1
- apple itunes 10.5.1.42
- apple itunes 10.5.2
- apple itunes 10.5.3
- apple itunes 10.6
- apple itunes 10.6.1