Sign-up

ID

VAR-200505-0910


CVE

CVE-2005-0043


TITLE

Apple iTunes fails to properly handle overly long URLs in playlists

Trust: 0.8

sources: CERT/CC: VU#377368

DESCRIPTION

Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute arbitrary code via a long URL in (1) .m3u or (2) .pls playlist files. This issue is exposed when the application parses 'm3u' and 'pls' playlist files. As these files may originate from an external source, this issue is considered remotely exploitable. If the vulnerability is successfully exploited, it will result in execution of arbitrary code in the context of the user running the application. Apple iTunes is a media player program. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2005-01-11 iTunes 4.7.1 iTunes 4.7.1 is now available and delivers the following security enhancement: CVE-ID: CAN-2005-0043 Impact: Malicious playlists can cause iTunes to crash and could execute arbitrary code Description: iTunes supports several common playlist formats. Credit to Sean de Regge (seanderegge[at]hotmail.com) for discovering this issue, and to iDEFENSE Labs for reporting it to us. Available for: Mac OS X, Microsoft Windows XP, Microsoft Windows 2000 iTunes 4.7.1 may be obtained from the Software Update pane in System Preferences, or Apple's iTunes download site: http://www.apple.com/itunes/download/ The download file is named: "iTunes4.7.1.dmg" Its SHA-1 digest is: 2ae8c815f18756c24dfbc1ac7d837b75b828b92a Information will also be posted to the Apple Product Security web site: http://docs.info.apple.com/article.html?artnum=61798 This message is signed with Apple's Product Security PGP key, and details are available at: http://www.apple.com/support/security/security_pgp.html -----BEGIN PGP SIGNATURE----- Version: PGP 8.1 iQEVAwUBQeQviJyw5owIz4TQAQIMrgf/fYmI5LZy5DM5a61kbXgnzq5OpQQPaidH disRa8UbjGrr+sSvEytQaxgO5vbDsZWgDGYeeaHTUeyiBdznO/b7X9moUC0uXEtC /a/CC2219AYeoQLJCMWhiIbrkL3OQ8QHoV3KaMlcg98tHgsrZKg1ssqEZszkjNrV Jj1dm3hYn2/DHPqzhGy2+l4Lp/8Bdg2VwXJjCLrqD6cgcSAX0HVdVq+CM2VQ1DGH O9PjkspNxoTR2iV0VbJdc+q/Mi1HXlouNaURgR01oBYGqZoQ2mxYGMLIthgVoyri E/c5iyPq4lwDnhyjii4fajLO/3BW6MY7RVoNWv2ipYjVi1RPQ6d6iQ== =SryY -----END PGP SIGNATURE----- -- David Mirza Ahmad Symantec PGP: 0x26005712 8D 9A B1 33 82 3D B3 D0 40 EB AB F0 1E 67 C6 1A 26 00 57 12

Trust: 2.07

sources: NVD: CVE-2005-0043 // CERT/CC: VU#377368 // BID: 12238 // VULHUB: VHN-11252 // PACKETSTORM: 35698

AFFECTED PRODUCTS

vendor:applemodel:itunesscope:eqversion:4.7

Trust: 1.9

vendor:apple computermodel: - scope: - version: -

Trust: 0.8

vendor:applemodel:itunesscope:eqversion:4.6

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:4.5

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:4.2.72

Trust: 0.3

vendor:applemodel:itunesscope:neversion:4.7.1

Trust: 0.3

sources: CERT/CC: VU#377368 // BID: 12238 // CNNVD: CNNVD-200505-661 // NVD: CVE-2005-0043

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-0043
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#377368
value: 30.38

Trust: 0.8

CNNVD: CNNVD-200505-661
value: HIGH

Trust: 0.6

VULHUB: VHN-11252
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2005-0043
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-11252
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#377368 // VULHUB: VHN-11252 // CNNVD: CNNVD-200505-661 // NVD: CVE-2005-0043

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-0043

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200505-661

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200505-661

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-11252

EXTERNAL IDS
db:SECUNIAid:13804
Trust: 2.5
db:CERT/CCid:VU#377368
Trust: 2.5
db:NVDid:CVE-2005-0043
Trust: 2.1
db:BIDid:12238
Trust: 2.0
db:SECTRACKid:1012839
Trust: 1.7
db:OSVDBid:12833
Trust: 1.7
db:CNNVDid:CNNVD-200505-661
Trust: 0.7
db:XFid:18851
Trust: 0.6
db:XFid:3
Trust: 0.6
db:IDEFENSEid:20050113 APPLE ITUNES PLAYLIST PARSING BUFFER OVERFLOW VULNERABILITY
Trust: 0.6
db:APPLEid:APPLE-SA-2005-01-11
Trust: 0.6
db:PACKETSTORMid:35698
Trust: 0.2
db:EXPLOIT-DBid:758
Trust: 0.1
db:EXPLOIT-DBid:16562
Trust: 0.1
db:SEEBUGid:SSVID-71076
Trust: 0.1
db:PACKETSTORMid:83127
Trust: 0.1
db:VULHUBid:VHN-11252
Trust: 0.1
sources:
            
            
            CERT/CC: VU#377368 // 
            
            
            
            VULHUB: VHN-11252 // 
            
            
            
            BID: 12238 // 
            
            
            
            PACKETSTORM: 35698 // 
            
            
            
            CNNVD: CNNVD-200505-661 // 
            
            
            
            NVD: CVE-2005-0043

REFERENCES
url:http://lists.apple.com/archives/security-announce/2005/jan/msg00000.html
Trust: 1.7
url:http://www.securityfocus.com/bid/12238
Trust: 1.7
url:http://www.kb.cert.org/vuls/id/377368
Trust: 1.7
url:http://www.osvdb.org/12833
Trust: 1.7
url:http://securitytracker.com/id?1012839
Trust: 1.7
url:http://secunia.com/advisories/13804
Trust: 1.7
url:http://www.idefense.com/application/poi/display?id=180&type=vulnerabilities
Trust: 1.6
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/18851
Trust: 1.1
url:http://docs.info.apple.com/article.html?artnum=61798
Trust: 0.9
url:http://idefense.com/application/poi/display?id=180&type=vulnerabilities&flashstatus=true
Trust: 0.8
url:http://secunia.com/advisories/13804/
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/18851
Trust: 0.6
url:http://www.apple.com/itunes/
Trust: 0.3
url:/archive/1/387306
Trust: 0.3
url:/archive/1/387080
Trust: 0.3
url:http://www.idefense.com/application/poi/display?id=180&type=vulnerabilities
Trust: 0.1
url:http://www.apple.com/support/security/security_pgp.html
Trust: 0.1
url:http://www.apple.com/itunes/download/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2005-0043
Trust: 0.1
sources:
            
            
            CERT/CC: VU#377368 // 
            
            
            
            VULHUB: VHN-11252 // 
            
            
            
            BID: 12238 // 
            
            
            
            PACKETSTORM: 35698 // 
            
            
            
            CNNVD: CNNVD-200505-661 // 
            
            
            
            NVD: CVE-2005-0043

CREDITS
Sean de Regge※ seanderegge@hotmail.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200505-661

SOURCES
db:CERT/CCid:VU#377368
db:VULHUBid:VHN-11252
db:BIDid:12238
db:PACKETSTORMid:35698
db:CNNVDid:CNNVD-200505-661
db:NVDid:CVE-2005-0043

LAST UPDATE DATE
2024-08-14T12:38:22.133000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#377368date:2005-01-14T00:00:00
db:VULHUBid:VHN-11252date:2017-07-11T00:00:00
db:BIDid:12238date:2009-07-12T09:27:00
db:CNNVDid:CNNVD-200505-661date:2005-10-20T00:00:00
db:NVDid:CVE-2005-0043date:2017-07-11T01:32:04.123

SOURCES RELEASE DATE
db:CERT/CCid:VU#377368date:2005-01-14T00:00:00
db:VULHUBid:VHN-11252date:2005-05-02T00:00:00
db:BIDid:12238date:2005-01-11T00:00:00
db:PACKETSTORMid:35698date:2005-01-12T08:06:19
db:CNNVDid:CNNVD-200505-661date:2005-01-11T00:00:00
db:NVDid:CVE-2005-0043date:2005-05-02T04:00:00