Summary
This host has Apple iTunes installed, which is prone to Buffer Overflow vulnerability.
Impact
Successful exploitation will allow attacker to execute arbitrary code within the context of the affected application, failed exploit attempts will result in a denial of service condition.
Impact Level: Application
Solution
Upgrade to Apple iTunes Version 9.0.1
http://www.apple.com/itunes/download
Insight
The flaw exists in the handling of specially crafted '.pls' files. It fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
Affected
Apple iTunes version prior to 9.0.1 on Windows.
References
Severity
Classification
-
CVE CVE-2009-2817 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- BigAntSoft BigAnt IM Message Server Multiple Vulnerabilities
- Audacity Buffer Overflow Vulnerability (Linux)
- Adobe Flash Professional JPG Object Processing BOF Vulnerability (Windows)
- Blazevideo HDTV Player PLF File Buffer Overflow Vulnerability
- Adobe Flash Player Multiple Vulnerabilities - Mar09 (Linux)