Full Disclosure mailing list archives
-ADVISORY- + [Thu Mar 16 13:41:45 EST 2006] + Local Privilege Escalation Vulnerability in Apple iTunes
From: sikurezza () nexlab it
Date: Thu, 16 Mar 2006 18:41:51 +0000 (GMT)
-ADVISORY- + [Thu Mar 16 13:41:45 EST 2006] + Local Privilege Escalation Vulnerability in Apple iTunes 8=======D~~~~~~~~~~ [+] DESCRIPTION 8=======D~~~~~~~~~~ Apple iTunes incorrectly validates user input, making privilege escalation possible. 8=======D~~~~~~~~~~ [+] WORKAROUND 8=======D~~~~~~~~~~ This vulnerability had no workarounds. 8=======D~~~~~~~~~~ [+] VENDOR RESPONSE 8=======D~~~~~~~~~~ Apple iTunes is offered no identified commentary regarding this problem at hand. 8=======D~~~~~~~~~~ APPENDIX A VENDOR INFORMATION 8=======D~~~~~~~~~~ http://www.apple.com/itunes/ 8=======D~~~~~~~~~~ CONTACT 8=======D~~~~~~~~~~ sikurezza () nexlab it sikurezza () nexlab it GSAE CCE CEH CSFA SSP-CNSA GIPS GHTQ CAP _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- -ADVISORY- + [Thu Mar 16 13:41:45 EST 2006] + Local Privilege Escalation Vulnerability in Apple iTunes sikurezza (Mar 16)
