6/30/2006

Apple Patches Highly Critical Flaw In iTunes

Filed under: — Aviran Mordo @ 10:22 am

A vulnerability has been reported in Apple iTunes, which can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to an integer overflow error within the parsing of AAC media files (e.g. “.M4A” and “.M4P” file extensions). This can be exploited to cause a memory corruption when a malicious AAC file with a specially crafted “sample_size_table” value is opened.

Security web site secunia rates this vulnerability as highly critical and recommends to update to version 6.0.5.

 

Leave a Reply

You must have Javascript enabled in order to submit comments.

All fields are optional (except comment).
Some comments may be held for moderation (depends on spam filter) and not show up immediately.
Links will automatically get rel="nofollow" attribute to deter spammers.

Powered by WordPress