Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2012.0911 Apple TV 5.1 25 September 2012 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Apple TV Publisher: Apple Operating System: Apple iOS Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Access Confidential Data -- Remote/Unauthenticated Denial of Service -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2012-3726 CVE-2012-3725 CVE-2012-3722 CVE-2012-3679 CVE-2012-3678 CVE-2012-3592 CVE-2012-3591 CVE-2012-3590 CVE-2012-3589 CVE-2012-1173 CVE-2012-0683 CVE-2012-0682 CVE-2011-4599 CVE-2011-3919 CVE-2011-3328 CVE-2011-3048 CVE-2011-3026 CVE-2011-2834 CVE-2011-2821 CVE-2011-1944 CVE-2011-1167 Reference: ASB-2012.0047 ESB-2012.0899 ESB-2012.0705 ESB-2012.0458 ESB-2012.0178 ESB-2012.0114 ESB-2011.1208 ESB-2011.0320 ESB-2011.1249.2 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-09-24-1 Apple TV 5.1 Apple TV 5.1 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access existed in the handling of Sorenson encoded movie files. This issue was addressed through improved memory initialization. CVE-ID CVE-2012-3722 : Will Dormann of the CERT/CC Apple TV Available for: Apple TV 2nd generation and later Impact: A malicious Wi-Fi network may be able to determine networks a device has previously accessed Description: Upon connecting to a Wi-Fi network, iOS may broadcast MAC addresses of previously accessed networks per the DNAv4 protocol. This issue was addressed by disabling DNAv4 on unencrypted Wi-Fi networks CVE-ID CVE-2012-3725 : Mark Wuergler of Immunity, Inc. Apple TV Available for: Apple TV 2nd generation and later Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in libtiff's handling of ThunderScan encoded TIFF images. This issue was addressed by updating libtiff to version 3.9.5. CVE-ID CVE-2011-1167 Apple TV Available for: Apple TV 2nd generation and later Impact: Viewing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in libpng's handling of PNG images. These issues were addressed through improved validation of PNG images. CVE-ID CVE-2011-3026 : Juri Aedla CVE-2011-3048 CVE-2011-3328 Apple TV Available for: Apple TV 2nd generation and later Impact: Viewing a maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution Description: A double free issue existed in ImageIO's handling of JPEG images. This issue was addressed through improved memory management. CVE-ID CVE-2012-3726 : Phil of PKJE Consulting Apple TV Available for: Apple TV 2nd generation and later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow issue existed in libTIFF's handling of TIFF images. This issue was addressed through improved validation of TIFF images. This issue does not affect OS X Mountain Lion systems. CVE-ID CVE-2012-1173 Apple TV Available for: Apple TV 2nd generation and later Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution Description: A stack buffer overflow existed in the handling of ICU locale IDs. This issue was addressed through improved bounds checking. CVE-ID CVE-2011-4599 Apple TV Available for: Apple TV 2nd generation and later Impact: An attacker with a privileged network position may cause an unexpected application termination or arbitrary code execution Description: Multiple vulnerabilities existed in libxml, the most serious of which may lead to an unexpected application termination or arbitrary code execution. These issues were addressed by applying the relevant upstream patches. CVE-ID CVE-2011-1944 : Chris Evans of Google Chrome Security Team CVE-2011-2821 : Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences CVE-2011-2834 : Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences CVE-2011-3919 : Juri Aedla Apple TV Available for: Apple TV 2nd generation and later Impact: An attacker with a privileged network position may cause an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in JavaScriptCore. These issues were addressed through improved memory handling. CVE-ID CVE-2012-0682 : Apple Product Security CVE-2012-0683 : Dave Mandelin of Mozilla CVE-2012-3589 : Dave Mandelin of Mozilla CVE-2012-3590 : Apple Product Security CVE-2012-3591 : Apple Product Security CVE-2012-3592 : Apple Product Security CVE-2012-3678 : Apple Product Security CVE-2012-3679 : Chris Leary of Mozilla Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> General -> Update Software". To check the current version of software, select "Settings -> General -> About". Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ - -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQIcBAEBAgAGBQJQXO50AAoJEPefwLHPlZEwc40P/AmBKys+PAsdT8gGrSpOY1B9 8h+Y0xdE+Hmesq9D4p6wvdY/lR+zMqtSwT6amNImYCIaRmm1P8+r8n31be52TYlg 7GqEAZbDtFztHwIISC8Khf8dMvWSrLhzRa7X/cxlIgRKmoXFnqJZzYcUov/M9Uw8 KwejQnztmAx7srHnZCNI+dxFqAC7hPoegnDnlVPx1DkwKDjt8q9xD3PGQyiGWWkI wqUEWvMGWr65CFyA7R0hDqKuNCowWn2cKP1UhIoEur5yRmc4aQVtOnHhJ8k9mdoO +58JC/y8lCtqGUyEL2Ar0FmIcRX/GJf+/isKOtmHx0JuEhH5beQ6s9FxU5eNR9DH EVPmVXowY9wMvKxwHFU3jwq8kQ3+IYC+7KA6lScb5mXO5mC5dbJPLp7uJto7+VtI atgQmvzdB8G562wpwTPuA4UQWWr0i6WWl8zkfgkRHO+cXyN683rkBP/vVEo9FipR YkQ10RsXqYDRXBcRywmTZZwQy6txMtV9D2bnk1uukQHBsZh30/mEpcmZbo6CO3s3 mnOtu5D2OQsNt4MqbviUkEgdc9JIJnqAOo+9YguDCEu6Rd7unbKB3RpmD+A3OJnR GhEa2Gqyvm/ozfb2D4L01y4UQo7dMLw+t/FOZXkrpdLlWn2LANWvXDCPSzIFCKoN cXF+ij425pfY+d7Iekz3 =PSL+ - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBUGEGJe4yVqjM2NGpAQIOxA/+PAlaknZR2a+AYMzS9qjLEML25SBjb6DC 5nJPPNFvGPMSgdzP68tPjpqqW5TOd4nmnobt8rp6Fk5rlKnOPujcH8MLAEDNJrhd vZQpx13TKbw8auEOPAQL2JloOzKFoN/ydePFsupRvPEbRg8rf1lCvVB0QaeOU7Nk 1RVfMl3SxnusxH7y/IsdfG3vs6ET5o6KsJ5f4l8i3FP9n75vpI+D983kxOs1UXLA JwgVOT3c1G0S3s1t4Qq34gldnDsLueA9SERRVoWq4uYQKfwAabN+mQFB1teSzpb8 aVJFgs9EzDL469Gz/4Y7lnYrwWl0hZPPFapGHYsWmLOwaT3rIp+41e7EgrjVVAcb oo32SgbXB+azbeJMAcTW0tN4FpADyRvoQr3RPN+RlMhI31xTeW+p4poWnpGqchy2 ZvcDHWgElZ5/6PDaiQCCj9LCEIlkNAi2S8Qg5shcHefp7iiYaUhIdWr0iwmF+KNU 92VEqn1qmLSfZTALzRgz/bP27343cAI2WS1Q/sw9NY6ZkwoEUnC82ozrJ7vY7jn5 0oXB7RQG6QAp27MeMMQKZHIKtv3CHCvpGAHrsk/D61n2NoIFpI9q/5U9UQnAJWrT 6hlRWwiYbTKR3XlZtpbVO8A2mnglMzLNolhhD9yVzwDduTMInYzxNTFUbBl9ZtHC AcaAd/xOV+s= =160+ -----END PGP SIGNATURE-----