TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow
Vulnerabilities
http://dvlabs.tippingpoint.com/advisory/TPTI-09-03
June 2, 2009
-- CVE ID:
CVE-2009-0950
-- Affected Vendors:
Apple
-- Affected Products:
Apple iTunes
-- TippingPoint(TM) IPS Customer Protection:
TippingPoint
Here's the (mac) exploit module to go along with my simul-report to
apple: http://static.dataspill.org/releases/itunes/itms_overflow.rb
On Tue, Jun 2, 2009 at 3:27 PM, dvlabs dvl...@tippingpoint.com wrote:
TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow
Vulnerabilities
Hi Will,
WD Here's the (mac) exploit module to go along with my simul-report to
WD apple: http://static.dataspill.org/releases/itunes/itms_overflow.rb
OMFG, you must by kidding, are we 1999 again ?? Classical Stack buffer
overflow in URL request ?! ..o m f g =) Nice find!
itms_base_url =
Thierry Zoller to Will Drewry:
WD Here's the (mac) exploit module to go along with my simul-report to
WD apple: http://static.dataspill.org/releases/itunes/itms_overflow.rb
OMFG, you must by kidding, are we 1999 again ?? Classical Stack buffer
overflow in URL request ?! ..o m f g =) Nice
Dude watch ascii porn you'll feel better.
The apple thing has been around for ages. Just look at the facts based on
stats, not emotional POV. If ppl want to pay more it's not a security related
problem so off topic here.
Take it easy,
Deepquest
On 3 Jun 2009, at 19:47, Nick FitzGerald