Apple iTunes '.pls' File Buffer Overflow Vulnerability

Apple iTunes is prone to a buffer-overflow vulnerability because the software fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

Versions prior to Apple iTunes 9.0.1 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus