Family: Gain a shell remotely --> Category: infos
iTunes AAC File Integer Overflow Vulnerability (network check) Vulnerability Scan
Vulnerability Scan Summary
Check the version of iTunes
Detailed Explanation for this Vulnerability Test
The remote host contains an application that is affected by a remote
code execution flaw.
The remote host appears to be running iTunes, a popular jukebox program.
The remote version of iTunes is vulnerable to an integer overflow when
it parses a specially crafted AAC file. By tricking a user into
opening such a file, a remote attacker may be able to leverage this
issue to execute arbitrary code on the affected host, subject to the
rights of the user running the application.
See also :
Upgrade to iTunes 6.0.5 or later.
Medium / CVSS Base Score : 6
Click HERE for more information and discussions on this network vulnerability scan.