Apple has released iTunes 10.6.3 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
Available for: Mac OS X v10.5.8 or later, Windows 7, Vista, XP SP2 or later
Impact: Importing a maliciously crafted .m3u playlist may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow existed in the handling of .m3u playlists.
CVE-2012-0677 : Gjoko Krstic of Zero Science Lab
Available for: Windows 7, Vista, XP SP2 or later
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in WebKit.
CVE-2012-0672 : Adam Barth and Abhishek Arya of the Google Chrome Security Team
CamCERT encourages users and administrators to review Apple Support Article HT5318 and apply any necessary updates to help mitigate the risk.
III. Contact Information
– Email: firstname.lastname@example.org
– Tel: (855) 92 335 536 – (855) 16 888 209
[message_box title=”Disclaimer” color=”yellow”]
The information provided herein is on “as is” basis, without warranty of any kind.