Test Kennung:	1.3.6.1.4.1.25623.1.0.902638
Kategorie:	General
Titel:	Apple iTunes Remote Code Execution Vulnerability (Windows)
Zusammenfassung:	This host is installed with Apple iTunes and is prone to remote; code execution vulnerability.
Beschreibung:	Summary: This host is installed with Apple iTunes and is prone to remote code execution vulnerability. Vulnerability Insight: The flaw is due to the improper verification of authenticity of updates, allows man-in-the-middle attack execute arbitrary code via a Trojan horse update. Vulnerability Impact: Successful exploitation could allow attackers to execute arbitrary code in the context of the user running the affected application. Affected Software/OS: Apple iTunes version prior to 10.5.1 (10.5.1.42) on Windows. Solution: Upgrade to Apple Apple iTunes version 10.5.1 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	BugTraq ID: 50672 Common Vulnerability Exposure (CVE) ID: CVE-2008-3434 http://lists.apple.com/archives/Security-announce/2011/Nov/msg00003.html http://archives.neohapsis.com/archives/bugtraq/2008-07/0250.html http://www.infobyte.com.ar/down/Francisco%20Amato%20-%20evilgrade%20-%20ENG.pdf http://www.infobyte.com.ar/down/isr-evilgrade-1.0.0.tar.gz https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17136
Copyright	Copyright (C) 2011 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.