Sign-up

ID

VAR-200808-0363


CVE

CVE-2008-3434


TITLE

Apple iTunes Updates for vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2011-003067

DESCRIPTION

Apple iTunes before 10.5.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning. Apple From iTunes An update for has been released.Man-in-the-middle attacks (man-in-the-middle attack) Any software iTunes May appear to be an update. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Successful exploits will compromise the affected application and possibly the underlying computer. iTunes is a free application for iPod and iPhone media file management. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-11-14-1 iTunes 10.5.1 iTunes 10.5.1 is now available and addresses the following: iTunes Available for: Mac OS X v10.5 or later, Windows 7, Vista, XP SP2 or later Impact: A man-in-the-middle attacker may offer software that appears to originate from Apple Description: iTunes periodically checks for software updates using an HTTP request to Apple. If Apple Software Update for Windows is not installed, clicking the Download iTunes button may open the URL from the HTTP response in the user's default browser. This issue has been mitigated by using a secured connection when checking for available updates. For OS X systems, the user's default browser is not used because Apple Software Update is included with OS X, however this change adds additional defense-in-depth. CVE-ID CVE-2008-3434 : Francisco Amato of Infobyte Security Research iTunes 10.5.1 may be obtained from: http://www.apple.com/itunes/download/ For Mac OS X: The download file is named: "iTunes10.5.1.dmg" Its SHA-1 digest is: 08f8ebe3f75d7b98a215750c08b7d6eff7c9ceb9 For Windows XP / Vista / Windows 7: The download file is named: "iTunesSetup.exe" Its SHA-1 digest is: bbe7ed41e62ef1eb345a12a68c1a81d351057952 For 64-bit Windows XP / Vista / Windows 7: The download file is named: "iTunes64Setup.exe" Its SHA-1 digest is: c3e70eb77ab400470ef9451803c0e411eed6a689 Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJOwLKNAAoJEGnF2JsdZQeecIgH/3TTYRa3C8GPQMDZJgdD0Wgh sktAAH3DWj3HbEluuieTyLkoIzXLluVrJCaLOIt0G79gF0wkW7fB6eXU3i2MFtS2 QYy6dKzZHEKSWlez+pPDnvBLD7KWFg74rz0MBDhhgmpxqHOfJ6CU0xFuojoIYvtP 7WpLtqRpEc1R2dR/y4ACwZWfhpdatZ+mv7Gjq++Nem3/+1MU3M88eGGmX/95qGTv F6dwxf0c2jhL/5mRqC7A0ybn6VQm0oeTxEN8lgr+NQ+BQdXpH4wNzxmhtRP0AmZ6 A8sENF6QBXf4J3+fCX6NqwvAwhTNUav7ApC4TMvN6fcAHzoTECvUIdpOBSKUD3E= =7US+ -----END PGP SIGNATURE-----

Trust: 2.07

sources: NVD: CVE-2008-3434 // JVNDB: JVNDB-2011-003067 // BID: 50672 // VULHUB: VHN-33559 // PACKETSTORM: 107025

AFFECTED PRODUCTS

vendor:applemodel:itunesscope:eqversion:6.0.4

Trust: 1.9

vendor:applemodel:itunesscope:eqversion:6.0.3

Trust: 1.9

vendor:applemodel:itunesscope:eqversion:6.0.1

Trust: 1.9

vendor:applemodel:itunesscope:eqversion:6.0

Trust: 1.9

vendor:applemodel:itunesscope:eqversion:5.0.1

Trust: 1.6

vendor:applemodel:itunesscope:eqversion:5.0

Trust: 1.6

vendor:applemodel:itunesscope:eqversion:6.0.4.2

Trust: 1.6

vendor:applemodel:itunesscope:eqversion:6.0.2

Trust: 1.6

vendor:applemodel:itunesscope:eqversion:4.9

Trust: 1.6

vendor:applemodel:itunesscope:eqversion:3.0

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:4.7

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:2.0.2

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:2.0.1

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:4.6

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:1.1

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:3.0.1

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:4.7.1

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:2.0.3

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:4.0

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:2.0.4

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:4.5

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:4.8

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:1.1.1

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:1.0

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:1.1.2

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:4.1

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:2.0

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:4.0.1

Trust: 1.0

vendor:applemodel:itunesscope:lteversion:6.0.5

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:4.2

Trust: 1.0

vendor:applemodel:itunesscope:eqversion:6.0.5

Trust: 0.9

vendor:applemodel:itunesscope:ltversion:10.5.1

Trust: 0.8

vendor:esignalmodel:esignalscope:eqversion:6.0.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.2.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.0.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.0.1.8

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.0.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.0

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:7.3.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:7.3.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:7.3

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:7.0.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:9.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:8.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:8.1

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:8.0.2.20

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:8.0

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:7.4

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.5

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.2.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.2

Trust: 0.3

vendor:applemodel:itunesscope:eqversion:10.1

Trust: 0.3

vendor:applemodel:itunesscope:neversion:10.5.1

Trust: 0.3

sources: BID: 50672 // JVNDB: JVNDB-2011-003067 // CNNVD: CNNVD-200808-014 // NVD: CVE-2008-3434

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-3434
value: HIGH

Trust: 1.0

NVD: CVE-2008-3434
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200808-014
value: HIGH

Trust: 0.6

VULHUB: VHN-33559
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2008-3434
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-33559
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-33559 // JVNDB: JVNDB-2011-003067 // CNNVD: CNNVD-200808-014 // NVD: CVE-2008-3434

PROBLEMTYPE DATA

problemtype:CWE-94

Trust: 1.9

sources: VULHUB: VHN-33559 // JVNDB: JVNDB-2011-003067 // NVD: CVE-2008-3434

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200808-014

TYPE

code injection

Trust: 0.6

sources: CNNVD: CNNVD-200808-014

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2011-003067

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-33559

PATCH
title:HT5030url:http://support.apple.com/kb/HT5030
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2011-003067

EXTERNAL IDS
db:NVDid:CVE-2008-3434
Trust: 2.9
db:JVNDBid:JVNDB-2011-003067
Trust: 0.8
db:FULLDISCid:20080728 TOOL RELEASE: [EVILGRADE] - USING DNS CACHE POISONING TO EXPLOIT POOR UPDATE IMPLEMENTATIONS
Trust: 0.6
db:CNNVDid:CNNVD-200808-014
Trust: 0.6
db:BIDid:50672
Trust: 0.4
db:PACKETSTORMid:107025
Trust: 0.2
db:VULHUBid:VHN-33559
Trust: 0.1
sources:
            
            
            VULHUB: VHN-33559 // 
            
            
            
            BID: 50672 // 
            
            
            
            JVNDB: JVNDB-2011-003067 // 
            
            
            
            PACKETSTORM: 107025 // 
            
            
            
            CNNVD: CNNVD-200808-014 // 
            
            
            
            NVD: CVE-2008-3434

REFERENCES
url:http://archives.neohapsis.com/archives/bugtraq/2008-07/0250.html
Trust: 2.0
url:http://www.infobyte.com.ar/down/francisco%20amato%20-%20evilgrade%20-%20eng.pdf
Trust: 1.7
url:http://lists.apple.com/archives/security-announce/2011/nov/msg00003.html
Trust: 1.1
url:http://support.apple.com/kb/ht5030
Trust: 1.1
url:http://www.infobyte.com.ar/down/isr-evilgrade-1.0.0.tar.gz
Trust: 1.1
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a17136
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3434
Trust: 0.8
url:http://jvn.jp/cert/jvnvu535830/
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3434
Trust: 0.8
url:http://www.apple.com
Trust: 0.3
url:https://www.apple.com/support/security/pgp/
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2008-3434
Trust: 0.1
url:http://support.apple.com/kb/ht1222
Trust: 0.1
url:http://www.apple.com/itunes/download/
Trust: 0.1
url:http://gpgtools.org
Trust: 0.1
sources:
            
            
            VULHUB: VHN-33559 // 
            
            
            
            BID: 50672 // 
            
            
            
            JVNDB: JVNDB-2011-003067 // 
            
            
            
            PACKETSTORM: 107025 // 
            
            
            
            CNNVD: CNNVD-200808-014 // 
            
            
            
            NVD: CVE-2008-3434

CREDITS
Francisco Amato of Infobyte Security Research
Trust: 0.3
sources:
            
            
            BID: 50672

SOURCES
db:VULHUBid:VHN-33559
db:BIDid:50672
db:JVNDBid:JVNDB-2011-003067
db:PACKETSTORMid:107025
db:CNNVDid:CNNVD-200808-014
db:NVDid:CVE-2008-3434

LAST UPDATE DATE
2025-04-10T23:05:19.480000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-33559date:2017-09-29T00:00:00
db:BIDid:50672date:2015-03-19T08:21:00
db:JVNDBid:JVNDB-2011-003067date:2011-11-28T00:00:00
db:CNNVDid:CNNVD-200808-014date:2008-09-05T00:00:00
db:NVDid:CVE-2008-3434date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-33559date:2008-08-01T00:00:00
db:BIDid:50672date:2008-07-28T00:00:00
db:JVNDBid:JVNDB-2011-003067date:2011-11-28T00:00:00
db:PACKETSTORMid:107025date:2011-11-16T04:35:27
db:CNNVDid:CNNVD-200808-014date:2008-08-01T00:00:00
db:NVDid:CVE-2008-3434date:2008-08-01T14:41:00