- Nov 5, 2011
- 193
For those who use Apple's iTunes.
Secunia Advisory SA46848
Apple iTunes security update from 10.5.0.x to 10.5.1.
Description:
A weakness has been reported in Apple iTunes, which can be exploited by malicious people to conduct spoofing attacks.
The weakness is caused due the software update mechanism using an HTTP request to check for new updates. This can be exploited to e.g. spoof an update via Man-in-the-Middle (MitM) attacks.
Successful exploitation requires that Apple Software Update is not installed.
The weakness is reported in versions prior to 10.5.1.
Secunia Details
Apple iTunes
Secunia Advisory SA46848
Apple iTunes security update from 10.5.0.x to 10.5.1.
Description:
A weakness has been reported in Apple iTunes, which can be exploited by malicious people to conduct spoofing attacks.
The weakness is caused due the software update mechanism using an HTTP request to check for new updates. This can be exploited to e.g. spoof an update via Man-in-the-Middle (MitM) attacks.
Successful exploitation requires that Apple Software Update is not installed.
The weakness is reported in versions prior to 10.5.1.
Secunia Details
Apple iTunes