| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Mar 16 08:36:35 2006 From: john.r.bond at gmail.com (john.r.bond@...il.com) Subject: -ADVISORY- $ x Thu Mar 16 03:30:09 EST 2006 x $ Off-by-one in Apple iTunes -ADVISORY- $ x Thu Mar 16 03:30:09 EST 2006 x $ Off-by-one in Apple iTunes 8======================D~~ [+] BACKGROUND 8======================D~~ This product has no identified background. 8======================D~~ [+] DESCRIPTION 8======================D~~ It is possible to make Apple iTunes crash by the use of malformed input. 8======================D~~ [+] HISTORY 8======================D~~ 5-1-2006 [+] Vendor Notification. 17-2-2006 [+] Vendor Reply. 16-3-2006 [+] Public Disclosure. 8======================D~~ [+] WORKAROUND 8======================D~~ There was no identified workarounds. 8======================D~~ [+] VENDOR RESPONSE 8======================D~~ Apple iTunes has presented no identified information. 8======================D~~ [+] CVE INFORMATION 8======================D~~ The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-137848 to this issue 8======================D~~ APPENDIX A VENDOR INFORMATION 8======================D~~ http://www.apple.com/itunes/ 8======================D~~ APPENDIX B REFERENCES 8======================D~~ RFC 4231 8======================D~~ CONTACT 8======================D~~ John Bond john.r.bond@...il.com CSFA GREM SSP-CNSA SSP-MPA GWAS CAP
Powered by blists - more mailing lists