Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

iTunes < 7.4.0 MP4/AAC File covr atom Overflow

Medium

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running iTunes - an application for managing and listening to music media files. This version of iTunes is vulnerable to a buffer overflow due to the way that it processes malformed MP4/AAC files. An attacker exploiting this flaw would need to be able to entice an iTunes user into opening a malformed file. Successful exploitation would result in the attacker executing arbitrary code on the remote system.

Solution

Upgrade to version 7.4.0 or higher.