Secunia Security Advisory – Apple has reported two vulnerabilities in Apple iTunes, which can be exploited by malicious people to compromise a user’s system.
>> CATEGORY: Apple
Apple Security Advisory 2012-06-11-1 – iTunes 10.6.3 is now available and addresses multiple issues. Importing a maliciously crafted .m3u playlist may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of .m3u playlists. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in WebKit.
Apple iTunes version 10.6.1.7 M3U playlist file walking heap buffer overflow proof of concept exploit. This also affects 10.6.0.40.
This is a (fast) multi-threaded python tool for enumerating subdomains. This tool also contains a large list of real subdomains that you will find in the wild. By default this…
Webapp-Exploit-Payloads is a collection of payloads for common webapps. For example Joomla and WordPress. From the hundreds of different Web Application Vulnerabilities that can be found on any website, only a…
BeEF, the Browser Exploitation Framework is a professional security tool provided for lawful research and testing purposes. It allows the experienced penetration tester or system administrator additional attack vectors when…
WebSploit is an open source project which is used to scan and analysis remote system in order to find various type of vulnerabilities. This tool is very powerful and support multiple vulnerabilities.
Proof of concept crash exploit for Safari on iOS that leverage a denial of service vulnerability.
Zero Day Initiative Advisory 12-078 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Apple QuickTime handles file with the Sorenson v3 Codec
Zero Day Initiative Advisory 12-077 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the QuickTimeVR.qtx component