lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20070906190659.GE18970@isecpartners.com>
Date: Thu, 6 Sep 2007 12:06:59 -0700
From: David Thiel <david@...cpartners.com>
To: <bugtraq@...urityfocus.com>
Subject: iTunes 7.3.x - Heap overflow in album cover parsing

iSEC Partners Security Advisory - 2007-005-itunes
https://www.isecpartners.com
--------------------------------------------

iTunes 7.3.x - Heap overflow in album cover parsing

Vendor: Apple, Inc.
Vendor URL: http://www.apple.com
Versions affected: Confirmed in iTunes 7.3.2
Systems Affected: Confirmed on OS X 10.4.10 PPC, Windows XP x86
Severity: High (potential code execution)
Author: David Thiel <david[at]isecpartners[dot]com>

Vendor notified: 2007-07-29
Public release: 2007-09-05
Advisory URL: https://www.isecpartners.com/advisories/2007-005-itunes.txt
Vendor Advisory URL: http://docs.info.apple.com/article.html?artnum=306404

Summary:
--------
A vulnerability exists in iTunes where an attacker can cause a denial
of service or code execution via maliciously crafted album cover art
embedded in a media file.

Details:
--------
iTunes 7.3.2 and earlier are vulnerable to a heap overflow when parsing
the 'covr' atom of an MP4/AAC file. This atom is normally used for the
storage of album cover art.

Fix Information:
----------------
This issue is fixed in iTunes 7.4, available via Software Update or 
download at http://www.apple.com/itunes/download/.

Thanks to:
----------
The Apple product security team for a timely response to this issue.

About iSEC Partners:
--------------------
iSEC Partners is a full-service security consulting firm that provides
penetration testing, secure systems development, security education
and software design verification, with offices in San Francisco,
Seattle, Ewa Beach and Los Angeles.

https://www.isecpartners.com
info@...cpartners.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ