[VIM] VUPEN Security Research - Apple iTunes ColorSync Profile Integer Overflow Vulnerability

VUPEN Security team at vupen.com
Sat Apr 3 08:31:46 UTC 2010


Yes,

The vulnerability we discovered (CVE-2010-0040) affects both Safari and 
iTunes:

http://support.apple.com/kb/HT4070
Safari 4.0.5 / ColorSync
CVE-ID: CVE-2010-0040
Available for: Windows 7, Vista, XP
Impact: Viewing a maliciously crafted image with an embedded color profile 
may lead to an unexpected application termination or arbitrary code 
execution
http://support.apple.com/kb/HT4105
iTunes 9.1 / ColorSync
CVE-ID: CVE-2010-0040
Available for: Windows 7, Vista, XP
Impact: Viewing a maliciously crafted image with an embedded color profile 
may lead to an unexpected application termination or arbitrary code 
execution
Regards,
C.B. - VUPEN Security
http://www.vupen.com

----- Original Message ----- 
From: "security curmudgeon" <jericho at attrition.org>
To: <security at apple.com>
Cc: <vim at attrition.org>
Sent: Saturday, April 03, 2010 2:18 AM
Subject: Re: [VIM] VUPEN Security Research - Apple iTunes ColorSync Profile 
Integer Overflow Vulnerability


>
> Hi Apple,
>
> : VUPEN Security Research - Apple iTunes ColorSync Profile Integer
> : Overflow Vulnerability
> :
> : "iTunes is a free application for Mac or PC. It organizes and plays
> : digital music and video on computers. It syncs all media files with
> : iPod, iPhone, and Apple TV." from Apple.com
>
> The apple advisory says this is a Safari vuln, while the VUPEN advisory
> says iTunes:
>
> http://support.apple.com/kb/HT4070
>
> Safari 4.0.5
> ColorSync
> CVE-ID: CVE-2010-0040
> Available for: Windows 7, Vista, XP
>
> The VUPEN timeline says both are affected:
>
> : 2010-03-12 - Vulnerability Fixed in Safari v4.0.5
> : 2010-03-31 - Vulnerability Fixed in iTunes v9.1
>
> Can Apple confirm this affects both, and if the iTunes is a Windows only
> issue?
>
> Brian
> OSVDB.org
> 



More information about the VIM mailing list