Test Kennung:	1.3.6.1.4.1.25623.1.0.902639
Kategorie:	Mac OS X Local Security Checks
Titel:	Apple iTunes Remote Code Execution Vulnerability - Mac OS X
Zusammenfassung:	Apple iTunes is prone to a remote code execution (RCE) vulnerability.
Beschreibung:	Summary: Apple iTunes is prone to a remote code execution (RCE) vulnerability. Vulnerability Insight: The flaw is due to the improper verification of authenticity of updates, allows man-in-the-middle attack execute arbitrary code via a Trojan horse update. Vulnerability Impact: Successful exploitation could allow attackers to execute arbitrary code in the context of the user running the affected application. Affected Software/OS: Apple iTunes version prior to 10.5.1 on Mac OS X. Solution: Upgrade to Apple Apple iTunes version 10.5.1 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3434 http://lists.apple.com/archives/Security-announce/2011/Nov/msg00003.html http://archives.neohapsis.com/archives/bugtraq/2008-07/0250.html http://www.infobyte.com.ar/down/Francisco%20Amato%20-%20evilgrade%20-%20ENG.pdf http://www.infobyte.com.ar/down/isr-evilgrade-1.0.0.tar.gz https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17136
Copyright	Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.