Apple has released a new version of its ubiquitous iTunes software that includes fixes for nearly 60 vulnerabilities, including several bugs that could be used to run remote code on vulnerable machines.
Most of the vulnerabilities that Apple fixed with the release of iTunes 10.2 lie in the open source WebKit layout engine that underpins iTunes. Many of the vulnerabilities can be used by attackers to either crash iTunes or execute arbitrary code on the PC. Apple recommends that users download the new version immediately.
“Multiple memory corruption issues exist in WebKit. A man-in-the-middle attack while browsing the iTunes Store via iTunes may lead to an unexpected application termination or arbitrary code execution,” Apple said in its advisory.
The non-WebKit bugs fixed in the new version of iTunes are equally as serious, with several of them capable of being used for remote code execution. Here are the details on the non-WebKit vulnerabilities:
- ImageIO
Available for: Windows 7, Vista, XP SP2 or later
Impact: Multiple vulnerabilities in libpng
Description: libpng is updated to version 1.4.3 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. For Mac OS X v10.5 systems, this is addressed in Security Update 2010-007.
- ImageIO
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow issue existed in ImageIO’s handling of JPEG images. Viewing a maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution.
- ImageIO
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in libTIFF’s handling of JPEG encoded TIFF images. Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution.
- ImageIO
Available for: Windows 7, Vista, XP SP2 or later
Impact: Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution
Description: A buffer overflow existed in libTIFF’s handling of CCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution. - libxml
Available for: Windows 7, Vista, XP SP2 or later
Impact: Processing a maliciously crafted XML file may lead to an unexpected application termination or arbitrary code execution
Description: A double free issue existed in libxml’s handling of XPath expressions. Processing a maliciously crafted XML file may lead to an unexpected application termination or arbitrary code execution. - libxml
Available for: Windows 7, Vista, XP SP2 or later
Impact: Processing a maliciously crafted XML file may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in libxml’s XPath handling. Processing a maliciously crafted XML file may lead to an unexpected application termination or arbitrary code execution.
A large number of the vulnerabilities fixed in this release of iTunes were reported by members of Google’s internal security research team, which has become quite active in researching outside applications recently.