Family: Windows --> Category: infos
iTunes AAC File Integer Overflow Vulnerability (Windows) Vulnerability Scan
Vulnerability Scan Summary
Check the version of iTunes
Detailed Explanation for this Vulnerability Test
The remote Windows host contains an application that is affected by a
remote code execution flaw.
The remote host is running iTunes, a popular jukebox program.
The remote version of iTunes is vulnerable to an integer overflow when
it parses a specially crafted AAC file. By tricking a user into
opening such a file, a remote attacker may be able to leverage this
issue to execute arbitrary code on the affected host, subject to the
rights of the user running the application.
See also :
Upgrade to iTunes 6.0.5 or later.
Medium / CVSS Base Score : 6
Click HERE for more information and discussions on this network vulnerability scan.