| VID |
28148 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The iTunes for Windows, according to its version number, has an integer-overflow vulnerability via the AAC file. Apple iTunes versions prior to 6.0.5 could allow a remote attacker to take complete control of an affected system, caused by an integer overflow error in the AAC file parsing code that does not properly handle malformed files. An attacker could exploit this vulnerability to crash a vulnerable application or execute arbitrary commands by tricking a user into opening a specially crafted AAC file.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://docs.info.apple.com/article.html?artnum=303952
http://lists.apple.com/archives/security-announce/2006/Jun/msg00001.html
http://www.securityfocus.com/advisories/10781
http://www.frsirt.com/english/advisories/2006/2601
http://secunia.com/advisories/20891/
http://www.zerodayinitiative.com/advisories/ZDI-06-020.html
* Platforms Affected:
Apple Computer, Inc., iTunes versions prior to 6.0.5
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of iTunes for Windows (6.0.5 or later), available from the Apple Download Web site at http://www.apple.com/itunes/download/ |
| Related URL |
CVE-2006-1467 (CVE) |
| Related URL |
18730 (SecurityFocus) |
| Related URL |
27481 (ISS) |
|
