Bugtraq: APPLE-SA-2016-05-16-6 iTunes 12.4

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512

APPLE-SA-2016-05-16-6 iTunes 12.4

iTunes 12.4 is now available and addresses the following:

iTunes

Available for: Windows 7 and later

Impact: Running the iTunes installer in an untrusted directory may

have resulted in arbitrary code execution

Description: A dynamic library loading issue existed in iTunes

setup. This was addressed through improved path searching.

CVE-ID

CVE-2016-1742 : Stefan Kanthak and

YoKo Kho (yokoacc) of MII - Consulting & Advisory Svc. Dept.

iTunes 12.4 may be obtained from:

http://ift.tt/oLh1sv

Information will also be posted to the Apple Security Updates

web site: http://ift.tt/1p75l9H

This message is signed with Apple's Product Security PGP key,

and details are available at:

http://ift.tt/JvT2t4

-----BEGIN PGP SIGNATURE-----

Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJXOj0OAAoJEIOj74w0bLRGjA0QANTHzjNUsByxmLOpQfNcEHEy

3lXFmf00E7C6lq7DgQMPfbYOgXz+lAJuUuyt88OK6k9w+ADm+huxna6O+Gy4f+ST

W1T2eu78vJG42QRji1f9PAa8M9roQjziL35iCRZCpeN5kLwXK8BHGSjvB33hjkGy

a7GzWuT27iwUcEvTHSWACYtVqfDYre5l4Jyk0/CviWgb7zms7HC+SBbAGS3TfZRh

LxT2JeF+dQ4Ajug21O8IJrOJtNwgppkssrSqtvVezYNvmTVuELPtm+5Mo0Ggqhr7

vo3SxcOvZ7xqyA9F2klLV27oity7FLMXg2NyqWnngpRJoxnnck8PcB9/FSGpVpWt

/RmF6zIII792jfcmRYhe8IwgbpO6w8r4o4dJX3FLuWmk1HajT9itgZkMPIIfUdP7

hxvfmK4GBv09AP/o+oXi+Zoq3X0HbZhp+djcI9hx0T9a1bw7g0H31g54NMhqCxez

vl0M04Y3+GmtXuIJNIzJuuIh4JMMfGN9SXO5NAzFzOlQ6bn96/uR9o4e+2LAuH29

HuACxqu6gaOOt/bv0AOSloPyIOSnfgH1v5Zt9QV2qDpChTSPqL0b5nnqwcv5yv7l

InSa1oWL+WJ1FSlB7dLC01Sii4uRTC6Oud+ShWsoqMKYJouODqry8hlIG4Qqzexl

fnEDC7oEvN/gpW1EXu7v

=Aip6

-----END PGP SIGNATURE-----

from SecurityFocus Vulnerabilities http://ift.tt/1Yxpq4B

Nexus