Apple iTunes Playlist Handling Buffer Overflow Vulnerability

Discussion in 'other security issues & news' started by gerardwil, Jan 12, 2005.

Thread Status:
Not open for further replies.
  1. gerardwil

    gerardwil Registered Member

    Joined:
    Jan 17, 2004
    Posts:
    4,748
    Location:
    The Netherlands


    Highly criticalImpact:System access
    Where:From remote
    Solution Status:Vendor Patch
    Software:iTunes 4.x


    Description:
    Sean de Regge has reported a vulnerability in iTunes, which can be exploited by malicious people to compromise a user's system.

    The vulnerability is caused due to a boundary error within the handling of .m3u and .pls playlists. This can be exploited to cause a buffer overflow via a specially crafted playlist.

    Successful exploitation may allow execution of arbitrary code.

    http://secunia.com/advisories/13804/
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,728
    Location:
    Texas
  3. Stro

    Stro Registered Member

    Joined:
    May 16, 2004
    Posts:
    130
    Location:
    Memphis, TN USA
    I called Apple to buy some more coverage for the kids iPods and was switched the tech support dept when I asked about this vulnerability. The Apple tech person told me she never heard about it.

    Anyone know if iTunes 4.7.1 (hope I got the #s right) released in January 2005 fixes this vulnerability (if in fact it exists)?

    Ronjor, I followed your link. It led me the Apple download page. I did not see anything about a patch on that page.
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,728
    Location:
    Texas
    Stro

    Info from the link.

    Apple fixes flaw with iTunes update
    By Dawn Kawamoto CNET News.com January 12, 2005, 12:35 PM PT


    Apple on Tuesday released an update of its iTunes software to address a vulnerability that could cause earlier versions to crash and execute arbitrary code.

    With previous versions, the flaw could allow an attacker to inject more data into a particular memory location than the program could accommodate, thereby allowing the attacker to take over a computer. The new software, iTunes 4.7.1, is available at Apple's Web site.

    The update is available for Mac OS X, Microsoft Windows XP and Microsoft Windows 2000.

    Apple has faced fewer security issues than Microsoft, with its prevalent Windows operating system. Still, Apple has garnered some attention from hackers.

    Last August, a Norwegian hacker published the Apple AirPort Express public key, which Apple uses for encrypting music transmitted from iTunes to wireless base stations.
     
Loading...
Thread Status:
Not open for further replies.