ID de Prueba:	1.3.6.1.4.1.25623.1.0.900122
Categoría:	Privilege escalation
Título:	Apple iTunes < 8.0 Local Privilege Escalation Vulnerability (Sep 2008)
Resumen:	Apple iTunes is prone to a privilege escalation vulnerability.
Descripción:	Summary: Apple iTunes is prone to a privilege escalation vulnerability. Vulnerability Insight: The flaw is due to integer overflow error in a third-party driver bundled with iTune. Vulnerability Impact: Successful exploitation will allow local users to obtain elevated privileges thus compromising the affected system. Affected Software/OS: Apple iTunes versions prior to 8.0 on Windows. Solution: Update to version 8.0 or later. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3636 http://lists.apple.com/archives/security-announce//2008/Sep/msg00001.html BugTraq ID: 31089 http://www.securityfocus.com/bid/31089 Bugtraq: 20081007 [W02-1008] GearSoftware Powered Products Local Privilege Escalation (Microsoft Windows Kernel IopfCompleteRequest Integer Overflow) (Google Search) http://www.securityfocus.com/archive/1/497131/100/0/threaded CERT/CC vulnerability note: VU#146896 http://www.kb.cert.org/vuls/id/146896 http://www.wintercore.com/advisories/advisory_W021008.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6035 http://securitytracker.com/id?1020839 http://www.securitytracker.com/id?1020997 http://www.securitytracker.com/id?1020998 http://www.securitytracker.com/id?1020999 http://www.vupen.com/english/advisories/2008/2526 http://www.vupen.com/english/advisories/2008/2769 http://www.vupen.com/english/advisories/2008/2770
Copyright	Copyright (C) 2008 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.