Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

iTunes For Windows < 6.0 Local Code Execution

Medium

Synopsis

The remote host contains an application that is affected by a local code execution flaw.

Description

According to its banner, the version of iTunes for Windows on the remote host launches a helper application by searching for it through various system paths. An attacker with local access can leverage this issue to place a malicious program in a system path and have it called before the helper application.

Solution

Upgrade to version 6.0 or higher.