Secunia Advisory: SA32121
Release Date: 2008-10-03
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
OS: Apple TV 1.x
Apple TV 2.x
CVE reference:
CVE-2007-4674
CVE-2008-3626
CVE-2008-3629
Description:
Some vulnerabilities have been reported in Apple TV, which can be exploited by malicious people to compromise a vulnerable system.
1) An error in the processing of movie atoms can be exploited to cause a stack-based buffer overflow.
For more information see vulnerability #8 in:
SA27523
2) An error in the processing of STSZ atoms can be exploited to corrupt memory.
For more information see vulnerability #6 in:
SA31821
Solution:
Update to version 2.2.
Bollettino Sicurezza
Release Date: 2008-10-03
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
OS: Apple TV 1.x
Apple TV 2.x
CVE reference:
CVE-2007-4674
CVE-2008-3626
CVE-2008-3629
Description:
Some vulnerabilities have been reported in Apple TV, which can be exploited by malicious people to compromise a vulnerable system.
1) An error in the processing of movie atoms can be exploited to cause a stack-based buffer overflow.
For more information see vulnerability #8 in:
SA27523
2) An error in the processing of STSZ atoms can be exploited to corrupt memory.
For more information see vulnerability #6 in:
SA31821
Solution:
Update to version 2.2.
Bollettino Sicurezza