Apple iTunes < 8.2 itms: URI Handling Overflow (uncredentialed check)
High Nessus Plugin ID 38986
Synopsis: The remote host contains an application that is affected by a buffer overflow vulnerability.
Description: The version of Apple iTunes on the remote host is prior to version 8.2. It is, therefore, affected by a stack-based buffer overflow that can be triggered when parsing 'itms:' URLs. By convincing a user to click on a specially crafted link, a remote attacker can cause a denial of service or execute arbitrary code with the user's level of privileges.
Solution: Upgrade to Apple iTunes 8.2 or later.