ID de Prueba:	1.3.6.1.4.1.25623.1.0.800804
Categoría:	Buffer overflow
Título:	Apple iTunes 'itms:' URI Stack Buffer Overflow Vulnerability (HT3592)
Resumen:	Apple iTunes is prone to a stack based buffer overflow; vulnerability.
Descripción:	Summary: Apple iTunes is prone to a stack based buffer overflow vulnerability. Vulnerability Insight: Error occurs when application fails to perform adequate boundary checks before copying user-supplied data to an insufficiently-sized buffer while processing a specially crafted 'itms:' URL. Vulnerability Impact: Successful attacks will lead to buffer overflow or denial of service to legitimate users. Affected Software/OS: Apple iTunes prior to version 8.2 on Windows. Solution: Update to version 8.2 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0950 http://lists.apple.com/archives/security-announce/2009/Jun/msg00001.html BugTraq ID: 35157 http://www.securityfocus.com/bid/35157 Bugtraq: 20090602 Re: TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/504043/100/0/threaded https://www.exploit-db.com/exploits/8861 https://www.exploit-db.com/exploits/8934 http://redpig.dataspill.org/2009/05/drive-by-attack-for-itunes-811.html http://static.dataspill.org/releases/itunes/itms_overflow.rb http://osvdb.org/54833 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17099 http://www.securitytracker.com/id?1022313 http://secunia.com/advisories/35314 http://www.vupen.com/english/advisories/2009/1470 XForce ISS Database: itunes-itms-bo(50899) https://exchange.xforce.ibmcloud.com/vulnerabilities/50899
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.