===================================================================== CERT-Renater Note d'Information No. 2010/VULN215 _____________________________________________________________________ DATE : 17/06/2010 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Windows running iTunes versions prior to 9.2. ====================================================================== http://support.apple.com/kb/HT4220 ______________________________________________________________________ APPLE-SA-2010-06-16-1 iTunes 9.2 iTunes 9.2 is now available and addresses the following: ColorSync CVE-ID: CVE-2009-1726 Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow exists in the handling of images with an embedded ColorSync profile. Opening a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution. This issue is addressed through improved validation of ColorSync profiles. Credit to Chris Evans of the Google Security Team, and Andrzej Dyjak for reporting this issue. ImageIO CVE-ID: CVE-2010-1411 Available for: Windows 7, Vista, XP SP2 or later Impact: Opening a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: Multiple integer overflows in the handling of TIFF files may result in a heap buffer overflow. Opening a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution. The issues are addressed through improved bounds checking. Credit to Kevin Finisterre of digitalmunition.com for reporting these issues. WebKit CVE-ID: CVE-2010-0544, CVE-2010-1119, CVE-2010-1387, CVE-2010-1390, CVE-2010-1392, CVE-2010-1393, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1749, CVE-2010-1758, CVE-2010-1759, CVE-2010-1761, CVE-2010-1763, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1774 Available for: Windows 7, Vista, XP SP2 or later Impact: Multiple vulnerabilities in WebKit Description: WebKit is updated to the version included in Safari 5.0 and Safari 4.1 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available at http://support.apple.com/kb/HT4196 iTunes 9.2 may be obtained from: http://www.apple.com/itunes/download/ For Mac OS X: The download file is named: "iTunes9.2.dmg" Its SHA-1 digest is: fc0cd72f63ce2a39ae24ccc6cdd00c921a8a542e For Windows XP / Vista / Windows 7: The download file is named: "iTunesSetup.exe" Its SHA-1 digest is: 36b0bab6592437bb90d3bf0c8e2475d9f707f20b For 64-bit Windows XP / Vista / Windows 7: The download file is named: "iTunes64Setup.exe" Its SHA-1 digest is: fee32b82f0f9afbedfe37231b78b65083ca7c024 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================