Apple Security Advisory 2017-10-31-6

Apple Security Advisory 2017-10-31-6: Posted Nov 1, 2017; Authored by Apple | Site apple.com; Apple Security Advisory 2017-10-31-6 - iTunes 12.7.1 for Windows is now available and addresses multiple code execution vulnerabilities.; tags | advisory, vulnerability, code execution; systems | windows, apple; advisories | CVE-2017-13783, CVE-2017-13784, CVE-2017-13785, CVE-2017-13788, CVE-2017-13791, CVE-2017-13792, CVE-2017-13793, CVE-2017-13794, CVE-2017-13795, CVE-2017-13796, CVE-2017-13798, CVE-2017-13802, CVE-2017-13803; SHA-256 | c9a20a8f75f9ac95762f0243fba4e1fb030f44aa3c2b0be9d969220323334a11; Download | Favorite | View

Apple Security Advisory 2017-10-31-6

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2017-10-31-6 iTunes 12.7.1 for Windows

iTunes 12.7.1 for Windows is now available and addresses the
following:

WebKit
Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2017-13785: Ivan Fratric of Google Project Zero
CVE-2017-13784: Ivan Fratric of Google Project Zero
CVE-2017-13783: Ivan Fratric of Google Project Zero
CVE-2017-13788: xisigr of Tencent's Xuanwu Lab (tencent.com)
CVE-2017-13798: Ivan Fratric of Google Project Zero
CVE-2017-13795: Ivan Fratric of Google Project Zero
CVE-2017-13802: Ivan Fratric of Google Project Zero
CVE-2017-13792: Ivan Fratric of Google Project Zero
CVE-2017-13794: Ivan Fratric of Google Project Zero
CVE-2017-13791: Ivan Fratric of Google Project Zero
CVE-2017-13796: Ivan Fratric of Google Project Zero
CVE-2017-13793: Hanul Choi working with Trend Micro's Zero Day
Initiative
CVE-2017-13803: chenqin (ee|) of Ant-financial Light-Year Security

Installation note:

iTunes 12.7.1 for Windows may be obtained from:
https://www.apple.com/itunes/download/

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAln4u8EpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZ1CRAA
xMTNG0Zj+OoLMD/Ov9CnV9pW5vjSuTQ9WuA18Dx5uu5W3CWyq0LKxcLdjqXUDDdv
y01pKRttWDW0ASo2j1dpPs1KCJUaBS0p+GKgaIaGWUSRRUzbQ66CtywPoS7XQ4j5
kZc1ffLv9nQWSG1K2BPCfAO85hjoz5Z7gnv7apuwlvHZzrdQDwmbHGlQmEdffmRF
JyWDUnJf0G62a3sJgV1qbBVFA2f/PCh1jYroMts3m7B6Cf/zyQnQGpTBWE8ocQIV
JiFBXv6F/lgAIyGkKHnQcAOy081LJ07uPl0phuJJyWCzuXHYezTQcUEdbJvDf6YN
Z//OgvqiTYCHYaemPJ1s6OFSVb5D6ZpBNSUvmzqs02GcLOJcDmyjILAqJkP06va4
q0rUBr0PPBOrC/EMe0jgMitEmmC6+tJZ3384fS4OmJKIPpvZeqWfVm5Q/6K1nmsN
GB3vtmqVLRJgZo9C5OnJNsu2nbk26YR0FdbRfAoq/al0wAOX7u5781rlqRQD2bFu
YJSnUNNyuCTHrVebSCaynVmBDRLQMvHpSYsGtFbGvqQV1IwRyD4hsmd7t9R8E/rv
ZBn4wkjA8aA0bH7pFHYRVKWsIQS2HrXwST/kTaJJEXr5nWgqtBW+FepV16vKb+Dw
ksB9TffeaLOICXSvUrHsFwWN5FqWW5dlswZQ6ijyAhg=
=0iAp
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Apple Security Advisory 2017-10-31-6

Apple Security Advisory 2017-10-31-6

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Apple Security Advisory 2017-10-31-6

Share This

Apple Security Advisory 2017-10-31-6

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems