Apple iTunes Multiple Vulnerabilities

Last Update Date: 13 Jun 2012 15:07 Release Date: 13 Jun 2012 5368 Views

RISK: High Risk

High Risk

TYPE: Clients - Audio & Video

TYPE: Audio & Video

Multiple vulnerabilities have been identified in Apple iTunes, which can be exploited by malicious people to compromise a user's system.

  1. An error in the handling of .m3u playlists can be exploited to cause a heap-based buffer overflow via a specially crafted M3U (".m3u") file.
  2. A vulnerability is caused due to a bundled vulnerable version of WebKit.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

 

Note: This vulnerability does not affect the application on OS X Lion systems.

Impact

  • Remote Code Execution

System / Technologies affected

  • Apple iTunes versions prior to 10.6.3

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 10.6.3.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Astaro Security Gateway Cross-Site Scripting Vulnerability

12 Jun 2012 5449 Views

Next

MySQL memcmp() Comparison Error Vulnerability

13 Jun 2012 5801 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY