ESB-2018.0969 - [Win] Apple iTunes : Multiple vulnerabilities 2018-04-03


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.0969
                         iTunes 12.7.4 for Windows
                               3 April 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Apple iTunes
Publisher:         Apple
Operating System:  Windows
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-4165 CVE-2018-4163 CVE-2018-4162
                   CVE-2018-4161 CVE-2018-4146 CVE-2018-4144
                   CVE-2018-4130 CVE-2018-4129 CVE-2018-4128
                   CVE-2018-4127 CVE-2018-4125 CVE-2018-4122
                   CVE-2018-4121 CVE-2018-4120 CVE-2018-4119
                   CVE-2018-4118 CVE-2018-4117 CVE-2018-4114
                   CVE-2018-4113 CVE-2018-4101 

Reference:         ESB-2018.0967
                   ESB-2018.0965
                   ESB-2018.0964
                   ESB-2018.0963

Original Bulletin: 
   https://support.apple.com/en-au/HT208694

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2018-3-29-7 iTunes 12.7.4 for Windows

iTunes 12.7.4 for Windows is now available and addresses the
following:

Security
Available for: Windows 7 and later
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved size
validation.
CVE-2018-4144: Abraham Masri (@cheesecakeufo)

WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4101: Yuan Deng of Ant-financial Light-Year Security Lab
CVE-2018-4114: found by OSS-Fuzz
CVE-2018-4118: Jun Kokatsu (@shhnjk)
CVE-2018-4119: an anonymous researcher working with Trend Micro's
Zero Day Initiative
CVE-2018-4120: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team
CVE-2018-4121: Natalie Silvanovich of Google Project Zero
CVE-2018-4122: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4125: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4127: an anonymous researcher working with Trend Micro's
Zero Day Initiative
CVE-2018-4128: Zach Markley
CVE-2018-4129: likemeng of Baidu Security Lab working with Trend
Micro's Zero Day Initiative
CVE-2018-4130: Omair working with Trend Micro's Zero Day Initiative
CVE-2018-4161: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4162: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4163: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4165: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team

WebKit
Available for: Windows 7 and later
Impact: Unexpected interaction with indexing types causing an ASSERT
failure
Description: An array indexing issue existed in the handling of a
function in JavaScriptCore. This issue was addressed through
improved checks.
CVE-2018-4113: found by OSS-Fuzz

WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to a
denial of service
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2018-4146: found by OSS-Fuzz

WebKit
Available for: Windows 7 and later
Impact: A malicious website may exfiltrate data cross-origin
Description: A cross-origin issue existed with the fetch API. This
was addressed through improved input validation.
CVE-2018-4117: an anonymous researcher, an anonymous researcher

Installation note:

iTunes 12.7.4 for Windows may be obtained from:
https://www.apple.com/itunes/download/

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
- -----BEGIN PGP SIGNATURE-----
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
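The bulletin's resolution is "Patch/Upgrade" to iTunes 12.7.4. The following PowerShell check is an added example and is not part of Apple's advisory or AusCERT's bulletin; it reports any iTunes for Windows install whose version is below 12.7.4. It assumes iTunes registers under the standard Windows Uninstall registry keys with DisplayName/DisplayVersion, and/or that iTunes.exe sits at the default Program Files locations; both are assumptions about the installer, not facts stated on this page.

```powershell
# Added example (not Apple's or AusCERT's code): flag iTunes for Windows installs
# older than 12.7.4, the fixed version named in this bulletin.
# Assumptions: the Uninstall registry keys and default iTunes.exe paths below.

$FixedVersion = [version]'12.7.4'

function ConvertTo-VersionSafe {
    param([string]$Text)
    # Keep only the leading dotted-numeric part (e.g. "12.7.4.76") so a trailing
    # tag cannot break the cast; return $null instead of throwing on junk.
    if ($Text -match '^\s*(\d+(\.\d+){1,3})') {
        try { return [version]$Matches[1] } catch { return $null }
    }
    return $null
}

function Get-ITunesInstalls {
    $found = @()

    # 1. Uninstall registry entries, 64-bit and 32-bit (WOW6432Node) views.
    #    (Assumed location; reading HKLM here does not require elevation.)
    $uninstallRoots = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    foreach ($root in $uninstallRoots) {
        Get-ItemProperty -Path $root -ErrorAction SilentlyContinue |
            Where-Object { $_.DisplayName -like 'iTunes*' } |
            ForEach-Object {
                $found += [pscustomobject]@{
                    Source  = $_.PSPath
                    Name    = $_.DisplayName
                    Version = ConvertTo-VersionSafe $_.DisplayVersion
                }
            }
    }

    # 2. Fall back to the version embedded in iTunes.exe at the assumed default paths.
    $exePaths = @(
        "$env:ProgramFiles\iTunes\iTunes.exe",
        "${env:ProgramFiles(x86)}\iTunes\iTunes.exe"
    )
    foreach ($exe in $exePaths) {
        if (Test-Path -LiteralPath $exe) {
            $info = (Get-Item -LiteralPath $exe).VersionInfo
            $found += [pscustomobject]@{
                Source  = $exe
                Name    = 'iTunes.exe'
                Version = ConvertTo-VersionSafe $info.ProductVersion
            }
        }
    }
    return $found
}

function Test-ITunesPatched {
    param([version]$Minimum = $FixedVersion)
    $installs = Get-ITunesInstalls
    if (-not $installs) {
        Write-Output "iTunes not found on $env:COMPUTERNAME"
        return $true
    }
    $needsAction = $false
    foreach ($i in $installs) {
        if ($null -eq $i.Version) {
            # Unparseable version: do not silently pass it; require manual review.
            Write-Output "UNKNOWN    $($i.Name) [$($i.Source)]: version string not parseable"
            $needsAction = $true
        } elseif ($i.Version -lt $Minimum) {
            Write-Output "VULNERABLE $($i.Name) $($i.Version) < $Minimum [$($i.Source)]"
            $needsAction = $true
        } else {
            Write-Output "OK         $($i.Name) $($i.Version) [$($i.Source)]"
        }
    }
    return (-not $needsAction)
}

# Non-zero exit code lets a scheduler or endpoint-management job pick up the result.
if (-not (Test-ITunesPatched)) { exit 1 }
```

The comparison uses PowerShell's [version] type, so a four-part build such as 12.7.4.76 compares numerically and is treated as at or above 12.7.4; string comparison would get "12.7.10" wrong. The script only reports patch level; it says nothing about whether a host has been exposed to the WebKit or fetch-API issues listed above.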

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----
