Security Vulnerabilities fixed in iTunes HT6245

Description

Set-Cookie HTTP headers would be processed even if the connection closed before the header line was complete. An attacker could strip security settings from the cookie by forcing the connection to close before the security settings were sent, and then obtain the value of the unprotected cookie. This issue was addressed by ignoring incomplete HTTP header lines.

A memory corruption issue existed in iTunes MP4 parsing. This issue was addressed through additional bounds checking.
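The Set-Cookie fix described above, sketched as an added example (not Apple's code): a header reader that accepts a line only when it is terminated by CRLF, next to the behaviour the advisory describes. The function names and the sample response are constructed for illustration.

```python
CRLF = b"\r\n"

def parse_set_cookie(line):
    """Parse one header line; return a cookie dict, or None for other headers."""
    name, sep, value = line.partition(b":")
    if not sep or name.strip().lower() != b"set-cookie":
        return None
    parts = [p.strip() for p in value.split(b";")]
    cname, _, cvalue = parts[0].partition(b"=")
    attrs = {p.partition(b"=")[0].strip().lower() for p in parts[1:]}
    return {"name": cname.decode(), "value": cvalue.decode(),
            "secure": b"secure" in attrs, "httponly": b"httponly" in attrs}

def cookies_from_head(received, ignore_incomplete):
    """Extract cookies from the bytes received before the connection closed.

    ignore_incomplete=False models the behaviour the advisory describes:
    a trailing fragment with no CRLF is still treated as a header line.
    ignore_incomplete=True models the fix: only CRLF-terminated lines count.
    """
    lines = received.split(CRLF)
    tail = lines.pop()            # bytes after the last CRLF (may be empty)
    complete = []
    for line in lines:
        if line == b"":           # blank line ends the header block
            tail = b""            # anything after it is body, not a header
            break
        complete.append(line)
    if tail and not ignore_incomplete:
        complete.append(tail)     # unterminated fragment accepted (pre-fix)
    return [c for c in map(parse_set_cookie, complete) if c]

# Constructed sample response, and the same response cut off before the
# cookie's security attributes and the line terminator arrived.
FULL = (b"HTTP/1.1 200 OK" + CRLF + b"Content-Type: text/html" + CRLF +
        b"Set-Cookie: sid=constructed123; Secure; HttpOnly" + CRLF + CRLF)
TRUNCATED = FULL[:FULL.index(b"; Secure")]

if __name__ == "__main__":
    print("pre-fix, truncated :", cookies_from_head(TRUNCATED, False))
    print("fixed, truncated   :", cookies_from_head(TRUNCATED, True))
    print("fixed, full        :", cookies_from_head(FULL, True))
```

With the truncated input, the pre-fix mode stores `sid` with neither `Secure` nor `HttpOnly`, while the fixed mode stores nothing because the line never completed.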

Affected Applications

iTunes

CVE References

CVE-2014-1296 CVE-2014-8842