漏洞类别:Local
漏洞等级: 
漏洞信息
iTunes is a digital media player application for Mac OS and Windows developed by Apple.
SQLite and expat in Apple iTunes for Windows and Mac OS is prone to multiple vulnerabilities that may cause Arbitrary Code Execution. Affected Versions:
Apple iTunes prior to 12.6
漏洞危害
Successful exploitation of these vulnerabilities may allow an attacker to cause arbitrary code execution, denial of service, privilege escalation and leakage of sensitive information.
解决方案
Apple iTunes 12.6 has been released to address this issue. The update can be downloaded and installed via Apple Downloads.
Refer to Apple Security Updates for more information on the vulnerabilities and patching your system:
APPLE-SA-2017-03-22-1
APPLE-SA-2017-03-22-2
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论