Apple iTunes Multiple Vulnerabilities
Last Update Date:
13 Jun 2012 15:07
Release Date:
13 Jun 2012
4973
Views
RISK: High Risk
TYPE: Clients - Audio & Video
Multiple vulnerabilities have been identified in Apple iTunes, which can be exploited by malicious people to compromise a user's system.
- An error in the handling of .m3u playlists can be exploited to cause a heap-based buffer overflow via a specially crafted M3U (".m3u") file.
- A vulnerability is caused due to a bundled vulnerable version of WebKit.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
Note: This vulnerability does not affect the application on OS X Lion systems.
Impact
- Remote Code Execution
System / Technologies affected
- Apple iTunes versions prior to 10.6.3
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 10.6.3.
Vulnerability Identifier
Source
Related Link
Share with