Details of VAR-201707-1156

ID

VAR-201707-1156

CVE

CVE-2017-7053

TITLE

Windows for Apple iTunes of iTunes Component vulnerable to arbitrary code execution in privileged context

Trust: 0.8

sources: JVNDB: JVNDB-2017-005715

DESCRIPTION

An issue was discovered in certain Apple products. iTunes before 12.6.2 on Windows is affected. The issue involves the "iTunes" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app. This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple iTunes. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the handling of the iPodManager COM control. The issue results from the lack of proper restriction of access to the control. Apple iTunes is prone to an arbitrary code-execution vulnerability. Failed exploit attempts will likely result in denial-of-service conditions. Versions prior to iTunes 12.6.2 are vulnerable. Apple iTunes for Windows is a set of media player applications based on the Windows platform of Apple (Apple), which is mainly used for playing and managing digital music and video files. CVE-2017-7053: an anonymous researcher working with Trend Micro's Zero Day Initiative libxml2 Available for: Windows 7 and later Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2017-7010: Apple CVE-2017-7013: found by OSS-Fuzz WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7018: lokihardt of Google Project Zero CVE-2017-7020: likemeng of Baidu Security Lab CVE-2017-7030: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7034: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7037: lokihardt of Google Project Zero CVE-2017-7039: Ivan Fratric of Google Project Zero CVE-2017-7040: Ivan Fratric of Google Project Zero CVE-2017-7041: Ivan Fratric of Google Project Zero CVE-2017-7042: Ivan Fratric of Google Project Zero CVE-2017-7043: Ivan Fratric of Google Project Zero CVE-2017-7046: Ivan Fratric of Google Project Zero CVE-2017-7048: Ivan Fratric of Google Project Zero CVE-2017-7052: cc working with Trend Micro's Zero Day Initiative CVE-2017-7055: The UK's National Cyber Security Centre (NCSC) CVE-2017-7056: lokihardt of Google Project Zero CVE-2017-7061: lokihardt of Google Project Zero WebKit Available for: Windows 7 and later Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2017-7064: lokihardt of Google Project Zero WebKit Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed through improved memory handling. CVE-2017-7049: Ivan Fratric of Google Project Zero WebKit Page Loading Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7019: Zhiyang Zeng of Tencent Security Platform Department WebKit Web Inspector Available for: Windows 7 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2017-7012: Apple Installation note: iTunes 12.6.2 may be obtained from: https://www.apple.com/itunes/download/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VTAAoJEIOj74w0bLRGEccP/jVIFy9gzYin6CI8rIeCmWt9 kUEF+pq1YA/g+kk9taYr2OiQfqeErVDjBXpq8VwdJVtmEqAtm1vJo1KbPjYqZjGz eh9vFFgcREmm6FVGLxvI895bCjvcxqkXNXGdAYntrWV4w1zX+Is3QknK96nJ416O CYUbf92GfEPPAtEGTQQ8CTpnGfnicTluTi2qU4xi1h7SQ5JHpNEfduulVX8CBbHQ CHDnDyfXnvYmEH5IqkDaWWPgjaMJ1S/F9SCYzWgR0Skw4iXPYeIgS+Vpb61rLykK vh+KVffaS/d73QGwsWzGqq+EcPzxLGrB8/jU9VBNw5wiQysOsA3N67R2aU5blha5 MriGAOklig75+p6k6odo5hL2eUdsj/2g1zsYDKRK6hMvUpjU1boqCCY+qhRwPj6e V1BWaDB5uwEaT9dY5yFYW6W8TPoJBYZRECPDRxyGcjCyDw5RQqC24lIiEF+wbjwo loRGCo5PAcHafdRwmLtiCs71UQdywNg81giB4IbLW9HoRciMlySq1MCbfj/RSXMK VYjmIuMAJektSOYPygNQ6HN2R5odYoQNix3njXyFz9dL3xg72QtrX6sALzhdSTcu EUTHLyqQm3b3hv3qUG+q96WYtFnZe/0F2eGuquu0m1rW9wIJmLcvHRw50Wd2UJCR 0roqHiwf3axwmFEhNiWC =8+yO -----END PGP SIGNATURE-----

Trust: 2.7

sources: NVD: CVE-2017-7053 // JVNDB: JVNDB-2017-005715 // ZDI: ZDI-17-490 // BID: 99884 // VULHUB: VHN-115256 // PACKETSTORM: 143439

AFFECTED PRODUCTS

vendor:	apple	model:	itunes	scope:	lte	version:	12.6.1	Trust: 1.0
vendor:	apple	model:	itunes	scope:	lt	version:	for windows 12.6.2 (windows 7 or later )	Trust: 0.8
vendor:	apple	model:	itunes	scope:	-	version:	-	Trust: 0.7
vendor:	apple	model:	itunes	scope:	eq	version:	12.6.1	Trust: 0.6
vendor:	apple	model:	itunes	scope:	eq	version:	12.5.5	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	12.5.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	12.4.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	12.3.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	12.3.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.2.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.1.5	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.1.4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.1.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.1.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.1.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.0.5	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.0.4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.0.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.6.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.6.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.5.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.1.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	4.5	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	12.6	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	12.5.4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	12.5.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	12.4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	12.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	12.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	12.0.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.0.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.0.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.0.0.163	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	11.0	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.7	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.6.1.7	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.6	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.5.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.5.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.5.1.42	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.5	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.4.1.10	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.4.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.4.0.80	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.3.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.3	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.2.2.12	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.1.1.4	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.1.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.0.1	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	itunes	scope:	ne	version:	12.6.2	Trust: 0.3

sources: ZDI: ZDI-17-490 // BID: 99884 // JVNDB: JVNDB-2017-005715 // CNNVD: CNNVD-201707-957 // NVD: CVE-2017-7053

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-7053
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-7053
value:	HIGH
Trust: 0.8
ZDI:	CVE-2017-7053
value:	HIGH
Trust: 0.7
CNNVD:	CNNVD-201707-957
value:	HIGH
Trust: 0.6
VULHUB:	VHN-115256
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-7053
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
ZDI:	CVE-2017-7053
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7
VULHUB:	VHN-115256
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-7053
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: ZDI: ZDI-17-490 // VULHUB: VHN-115256 // JVNDB: JVNDB-2017-005715 // CNNVD: CNNVD-201707-957 // NVD: CVE-2017-7053

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-284	Trust: 0.9

sources: VULHUB: VHN-115256 // JVNDB: JVNDB-2017-005715 // NVD: CVE-2017-7053

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201707-957

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201707-957

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-005715

PATCH

title:	Apple security updates	url:	https://support.apple.com/en-us/HT201222	Trust: 0.8
title:	HT207928	url:	https://support.apple.com/en-us/HT207928	Trust: 0.8
title:	HT207928	url:	https://support.apple.com/ja-jp/HT207928	Trust: 0.8
title:	Apple has issued an update to correct this vulnerability.	url:	https://support.apple.com/kb/HT201222	Trust: 0.7
title:	Apple iTunes for Windows iTunes Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=71899	Trust: 0.6

sources: ZDI: ZDI-17-490 // JVNDB: JVNDB-2017-005715 // CNNVD: CNNVD-201707-957

EXTERNAL IDS

db:	NVD	id:	CVE-2017-7053	Trust: 3.6
db:	BID	id:	99884	Trust: 2.0
db:	JVN	id:	JVNVU91410779	Trust: 0.8
db:	JVNDB	id:	JVNDB-2017-005715	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-4798	Trust: 0.7
db:	ZDI	id:	ZDI-17-490	Trust: 0.7
db:	CNNVD	id:	CNNVD-201707-957	Trust: 0.7
db:	VULHUB	id:	VHN-115256	Trust: 0.1
db:	PACKETSTORM	id:	143439	Trust: 0.1

sources: ZDI: ZDI-17-490 // VULHUB: VHN-115256 // BID: 99884 // JVNDB: JVNDB-2017-005715 // PACKETSTORM: 143439 // CNNVD: CNNVD-201707-957 // NVD: CVE-2017-7053

REFERENCES

url:	http://www.securityfocus.com/bid/99884	Trust: 2.3
url:	https://support.apple.com/ht207928	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7053	Trust: 0.9
url:	https://support.apple.com/kb/ht201222	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7053	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu91410779/index.html	Trust: 0.8
url:	https://www.apple.com/	Trust: 0.3
url:	https://support.apple.com/de-de/ht207928	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7056	Trust: 0.1
url:	https://gpgtools.org	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7020	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7061	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7046	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7039	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7055	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7064	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7052	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7042	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7041	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7049	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7030	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7019	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7037	Trust: 0.1
url:	https://www.apple.com/support/security/pgp/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7010	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7034	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7018	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7048	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7043	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7012	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7013	Trust: 0.1
url:	https://www.apple.com/itunes/download/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-7040	Trust: 0.1

sources: ZDI: ZDI-17-490 // VULHUB: VHN-115256 // BID: 99884 // JVNDB: JVNDB-2017-005715 // PACKETSTORM: 143439 // CNNVD: CNNVD-201707-957 // NVD: CVE-2017-7053

CREDITS

Anonymous

Trust: 1.0

sources: ZDI: ZDI-17-490 // BID: 99884

SOURCES

db:	ZDI	id:	ZDI-17-490
db:	VULHUB	id:	VHN-115256
db:	BID	id:	99884
db:	JVNDB	id:	JVNDB-2017-005715
db:	PACKETSTORM	id:	143439
db:	CNNVD	id:	CNNVD-201707-957
db:	NVD	id:	CVE-2017-7053

LAST UPDATE DATE

2025-04-20T22:56:54.981000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-17-490	date:	2017-07-19T00:00:00
db:	VULHUB	id:	VHN-115256	date:	2019-10-03T00:00:00
db:	BID	id:	99884	date:	2017-07-20T00:00:00
db:	JVNDB	id:	JVNDB-2017-005715	date:	2017-08-04T00:00:00
db:	CNNVD	id:	CNNVD-201707-957	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2017-7053	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-17-490	date:	2017-07-19T00:00:00
db:	VULHUB	id:	VHN-115256	date:	2017-07-20T00:00:00
db:	BID	id:	99884	date:	2017-07-20T00:00:00
db:	JVNDB	id:	JVNDB-2017-005715	date:	2017-08-04T00:00:00
db:	PACKETSTORM	id:	143439	date:	2017-07-21T04:44:44
db:	CNNVD	id:	CNNVD-201707-957	date:	2017-07-24T00:00:00
db:	NVD	id:	CVE-2017-7053	date:	2017-07-20T16:29:02.113