icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

iTunes For Windows < 6.0 Local Code Execution

Medium

Synopsis

The remote host contains an application that is affected by a local code execution flaw.

Description

According to its banner, the version of iTunes for Windows on the remote host launches a helper application by searching for it through various system paths. An attacker with local access can leverage this issue to place a malicious program in a system path and have it called before the helper application.

Solution

Upgrade to version 6.0 or higher.