Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - iTunes buffer overflow vulnerability InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

iTunes buffer overflow vulnerability

Published: 2010-07-20
Last Updated: 2010-07-20 12:20:28 UTC
by Manuel Humberto Santander Pelaez (Version: 2)
0 comment(s)

Apple is reporting new version of iTunes (9.2.1), which address CVE-2010-1777: A buffer overflow exists in the handling of itpc: URLs, which might lead to application termination or arbitrary code execution.

More information at http://support.apple.com/kb/HT4263.

This affects version 9 of iTunes, and only on the Windows platform.

-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org

0 comment(s)
Diary Archives