Computer Security
[EN] no-pyccku

Apple iTunes insecure updates
SecurityVulns ID:12036
Threat Level:
Description:Software updtes were checked insecurely.
Affected:APPLE : iTunes 10.5
CVE:CVE-2008-3434 (Apple iTunes before does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.)
Original documentdocumentAPPLE, APPLE-SA-2011-11-14-1 iTunes 10.5.1 (16.11.2011)

Apple iPhone multiple security vulnerabilities
SecurityVulns ID:12037
Threat Level:
Description:URL spoofing, memory corruption, protection bypass.
Affected:APPLE : Apple iOS 4.3
 APPLE : Apple iOS 5.0
CVE:CVE-2011-3442 (The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app.)
 CVE-2011-3439 (FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document.)
 CVE-2011-3246 (CFNetwork in Apple iOS before 5.0.1 and Mac OS X 10.7 before 10.7.2 does not properly parse URLs, which allows remote attackers to trigger visits to unintended web sites, and transmission of cookies to unintended web sites, via a crafted (1) http or (2) https URL.)
Original documentdocumentAPPLE, APPLE-SA-2011-11-10-1 iOS 5.0.1 Software Update (16.11.2011)

Apple Mac Os X sandbox protection bypass
SecurityVulns ID:12038
Threat Level:
Description:It's possible to bypass sandbox restriction by controlling different applications.
Affected:APPLE : MacOS X 10.5
 APPLE : MacOS X 10.6
 APPLE : MacOS X 10.7
CVE:CVE-2011-1516 (The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox profiles in Apple Mac OS X 10.5.x through 10.7.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted application, as demonstrated by use of osascript to send Apple events to the launchd daemon, a related issue to CVE-2008-7303.)
Original documentdocumentCORE SECURITY TECHNOLOGIES ADVISORIES, CORE-2011-0919: Apple OS X Sandbox Predefined Profiles Bypass (16.11.2011)

ISC DHCP dhclient DHCP client shell unfiltered characters vulnerability
updated since 12.04.2011
SecurityVulns ID:11577
Threat Level:
Description:Shell characters vulnerability on server options processing.
Affected:APPLE : Apple Airport
 ISC : dhcp 4.1
 APPLE : Apple Time Capsule
CVE:CVE-2011-0997 (dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script.)
Original documentdocumentAPPLE, APPLE-SA-2011-11-10-2 Time Capsule and AirPort Base Station (802.11n) Firmware 7.6 (16.11.2011)
 documentDEBIAN, [SECURITY] [DSA 2216-1] isc-dhcp security update (12.04.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod