Apple iTunes JPEG Image Heap-Based Buffer Overflow Vulnerability

Apple iTunes is prone to a heap-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. This issue affects the Apple Inc.'s CoreGraphics library.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

Versions prior to Apple iTunes 10.2 are vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus