Apple iTunes MPEG4 Parsing Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

Apple iTunes MPEG4 Parsing Buffer Overflow Vulnerability

Apple iTunes MPEG4 file parsing is prone to a buffer overflow. A specifically malformed MPEG4 file could trigger this overflow, causing a denial of service or execution of arbitrary code.

This vulnerability was addressed in iTunes 4.8; all earlier versions are likely affected.