| VID |
28209 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The iTunes application has a buffer overflow vulnerability via the MP4/AAC file which exists versions prior to 7.4. Apple iTunes versions prior to 7.4 could allow a remote attacker to take complete control of an affected system, caused by a head-based buffer overflow error when processing the "covr" atom in media files. By tricking a user into opening a specially crafted MP4/AAC file, a remote attacker could exploit this vulnerability to execute arbitrary code on the affected host with the privileges of the user running the application.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://docs.info.apple.com/article.html?artnum=306404
http://lists.apple.com/archives/security-announce/2007/Sep/msg00000.html
http://secunia.com/advisories/26725
* Platforms Affected:
Apple Computer, Inc., iTunes versions prior to 7.4
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of iTunes (7.4 or later), available from the Apple Download Web site at http://www.apple.com/itunes/download/ |
| Related URL |
CVE-2007-3752 (CVE) |
| Related URL |
25567 (SecurityFocus) |
| Related URL |
(ISS) |
|
