Date: 17 June 2010
References: ESB-2010.0509 ASB-2010.0149 ESB-2010.0739 ESB-2010.1066 ESB-2011.0087
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2010.0539
iTunes 9.2 fixes multiple vulnerabilities
17 June 2010
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product:           iTunes
Publisher:         Apple
Operating System:  Windows XP
                   Windows Vista
                   Windows 7
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2010-1774 CVE-2010-1771 CVE-2010-1770
                   CVE-2010-1769 CVE-2010-1763 CVE-2010-1761
                   CVE-2010-1759 CVE-2010-1758 CVE-2010-1749
                   CVE-2010-1422 CVE-2010-1421 CVE-2010-1419
                   CVE-2010-1418 CVE-2010-1417 CVE-2010-1416
                   CVE-2010-1415 CVE-2010-1414 CVE-2010-1412
                   CVE-2010-1411 CVE-2010-1410 CVE-2010-1409
                   CVE-2010-1408 CVE-2010-1405 CVE-2010-1404
                   CVE-2010-1403 CVE-2010-1402 CVE-2010-1401
                   CVE-2010-1400 CVE-2010-1399 CVE-2010-1398
                   CVE-2010-1397 CVE-2010-1396 CVE-2010-1395
                   CVE-2010-1393 CVE-2010-1392 CVE-2010-1390
                   CVE-2010-1387 CVE-2010-1119 CVE-2010-0544
                   CVE-2009-1726
Reference:         ASB-2010.0149
                   ESB-2010.0509
Original Bulletin:
http://support.apple.com/kb/HT4220
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2010-06-16-1 iTunes 9.2
iTunes 9.2 is now available and addresses the following:
ColorSync
CVE-ID: CVE-2009-1726
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted image with an embedded
ColorSync profile may lead to an unexpected application termination
or arbitrary code execution
Description: A heap buffer overflow exists in the handling of images
with an embedded ColorSync profile. Opening a maliciously crafted
image with an embedded ColorSync profile may lead to an unexpected
application termination or arbitrary code execution. This issue is
addressed through improved validation of ColorSync profiles. Credit
to Chris Evans of the Google Security Team, and Andrzej Dyjak for
reporting this issue.
ImageIO
CVE-ID: CVE-2010-1411
Available for: Windows 7, Vista, XP SP2 or later
Impact: Opening a maliciously crafted TIFF file may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple integer overflows in the handling of TIFF
files may result in a heap buffer overflow. Opening a maliciously
crafted TIFF file may lead to an unexpected application termination
or arbitrary code execution. The issues are addressed through
improved bounds checking. Credit to Kevin Finisterre of
digitalmunition.com for reporting these issues.
WebKit
CVE-ID: CVE-2010-0544, CVE-2010-1119, CVE-2010-1387, CVE-2010-1390,
CVE-2010-1392, CVE-2010-1393, CVE-2010-1395, CVE-2010-1396,
CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400,
CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404,
CVE-2010-1405, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410,
CVE-2010-1412, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416,
CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421,
CVE-2010-1422, CVE-2010-1749, CVE-2010-1758, CVE-2010-1759,
CVE-2010-1761, CVE-2010-1763, CVE-2010-1769, CVE-2010-1770,
CVE-2010-1771, CVE-2010-1774
Available for: Windows 7, Vista, XP SP2 or later
Impact: Multiple vulnerabilities in WebKit
Description: WebKit is updated to the version included in Safari 5.0
and Safari 4.1 to address several vulnerabilities, the most serious
of which may lead to arbitrary code execution. Further information is
available at http://support.apple.com/kb/HT4196
iTunes 9.2 may be obtained from:
http://www.apple.com/itunes/download/
For Mac OS X:
The download file is named: "iTunes9.2.dmg"
Its SHA-1 digest is: fc0cd72f63ce2a39ae24ccc6cdd00c921a8a542e
For Windows XP / Vista / Windows 7:
The download file is named: "iTunesSetup.exe"
Its SHA-1 digest is: 36b0bab6592437bb90d3bf0c8e2475d9f707f20b
For 64-bit Windows XP / Vista / Windows 7:
The download file is named: "iTunes64Setup.exe"
Its SHA-1 digest is: fee32b82f0f9afbedfe37231b78b65083ca7c024
Information will also be posted to the Apple Security Updates
web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (Darwin)
iQEcBAEBAgAGBQJMGRhTAAoJEGnF2JsdZQeea+oH/3xaEZAZ9dHFdMR4Jf6XNokV
WY1vXIcUJRZC1B59y8He/k8Zx8Yk5axEO0QEXrPhK7CNsw9dxXfB35Svs+DH/bn9
9zniFYElsQP4gWZBbj9BcIDqEXvuLTG6aDXtZMQxo5eojCrK1esdpGPr1uEcGn9V
DGy22Kn4xJn8xKuCGhaRnP4Hi9lJ5KSkVd+ZEXN8XKsN2dKqPnzcR0Ddd6XdJn5u
Sg5WjABn6rSqBlTbqbJOopqOucU/NAyvV8y4N3KFS1bXMV/j1CV7sDsc/yilxt+x
7hPHdj0aal6PRG9v6XSrXTMIYlaDCnDBLWEeebKD1Lw7eJDlDUgobNez05L505E=
=EIP2
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
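The Apple advisory above publishes a SHA-1 digest for each iTunes 9.2 installer. The following script is an added example for this redistribution, not code from Apple or AusCERT: it recomputes the digest of a downloaded installer and compares it with the value quoted in the advisory, refusing the file on any mismatch or on a file name the advisory does not list. The three digests are copied verbatim from APPLE-SA-2010-06-16-1; the download path in the usage comment is an assumption.

```shell
#!/bin/sh
# Added example for this bulletin (not Apple's or AusCERT's code): check a
# downloaded iTunes 9.2 installer against the SHA-1 digest the advisory
# publishes before running it.  The three digests are copied from
# APPLE-SA-2010-06-16-1; the download location is an assumption.

# sha1_of FILE: print the file's SHA-1 as lowercase hex, using whichever
# digest tool is available on the host.
sha1_of() {
    if command -v sha1sum >/dev/null 2>&1; then
        sha1sum "$1" | cut -d' ' -f1
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 1 "$1" | cut -d' ' -f1
    else
        openssl dgst -sha1 -r "$1" | cut -d' ' -f1
    fi
}

# expected_sha1_for NAME: print the digest the advisory lists for that
# installer file name; print nothing and return 1 for any other name.
expected_sha1_for() {
    case "$1" in
        iTunes9.2.dmg)     echo fc0cd72f63ce2a39ae24ccc6cdd00c921a8a542e ;;
        iTunesSetup.exe)   echo 36b0bab6592437bb90d3bf0c8e2475d9f707f20b ;;
        iTunes64Setup.exe) echo fee32b82f0f9afbedfe37231b78b65083ca7c024 ;;
        *)                 return 1 ;;
    esac
}

# verify_sha1 FILE EXPECTED: return 0 when FILE's SHA-1 equals EXPECTED
# (hex, either case), 1 otherwise.  Mismatch details go to stderr.
verify_sha1() {
    actual=$(sha1_of "$1") || return 1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    if [ -n "$actual" ] && [ "$actual" = "$expected" ]; then
        echo "OK   $1  $actual"
        return 0
    fi
    echo "FAIL $1  expected $expected  got ${actual:-<none>}" >&2
    return 1
}

# verify_download PATH: pick the expected digest from the file's basename and
# compare.  Succeeds only for a file the advisory lists whose digest matches.
verify_download() {
    name=$(basename "$1")
    expected=$(expected_sha1_for "$name") || {
        echo "FAIL $1  no digest listed for '$name' in the advisory" >&2
        return 1
    }
    verify_sha1 "$1" "$expected"
}

# Usage (the path is an assumed download location); abort the rollout on
# any mismatch rather than installing an unverified binary:
#   verify_download "$HOME/Downloads/iTunesSetup.exe" || exit 1
```

A matching digest shows the file is the one Apple published, provided the digest itself was read from an authentic copy of the advisory; that is what the PGP signature on the Apple message is for, and `gpg --verify` on the clearsigned text only settles it once the signing key's fingerprint has been compared with the one Apple publishes at the PGP page linked above, since a good signature from an unverified key proves nothing. SHA-1 is adequate here for detecting a corrupted or substituted download against a value you trust, but it is no longer collision-resistant, so treat the signature, not the digest, as the root of trust.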
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iD8DBQFMGVay/iFOrG6YcBERAvr+AJ4uxv/M34QUX6srM8kRozMpIxNNdACg0kPG
hvI/V24r7RplR1S42izOLeE=
=4Qkx
-----END PGP SIGNATURE-----