PT-2019-18040 · Apple · Itunes For Windows+1

Stefan Kanthak

Publicado

2019-12-18

Atualizado

2019-12-21

CVE-2019-6232

CVSS v2.0

7.6

Alta

Vetor

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions iCloud for Windows versions prior to 7.11

Description A race condition existed during the installation of iTunes for Windows, which could result in arbitrary code execution if the iTunes installer is run in an untrusted directory. This issue was addressed with improved state handling.

Recommendations For versions prior to 7.11, update to iCloud for Windows version 7.11 to resolve the issue. As a temporary workaround, consider avoiding the installation of iTunes in untrusted directories until the update is applied.

Correção

Race Condition

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362

Identificadores relacionados

CVE-2019-6232

Produtos afetados

Icloud For Windows

Itunes For Windows

PT-2019-18040 · Apple · Itunes For Windows+1

CVE-2019-6232

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3