Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

iTunes buffer overflow vulnerability

Published: 2010-07-20
Last Updated: 2010-07-20 12:20:28 UTC
by Manuel Humberto Santander Pelaez (Version: 2)
0 comment(s)

Apple is reporting new version of iTunes (9.2.1), which address CVE-2010-1777: A buffer overflow exists in the handling of itpc: URLs, which might lead to application termination or arbitrary code execution.

More information at

This affects version 9 of iTunes, and only on the Windows platform.

-- Manuel Humberto Santander Peláez | | | msantand at isc dot sans dot org

0 comment(s)
Diary Archives