Wednesday, June 3, 2009

Apple iTunes 8.1.1 (ITMS) Multiple Protocol Handler BOF Exploit

This [Metasploit] module exploits a stack-based buffer overflow in iTunes itms:// URL parsing. It is accessible from the browser and in Safari, itms urls will be opened in iTunes automatically. Because iTunes is multithreaded, only vfork-based payloads should be used.


This vulnerability was addressed by Apple with the recent iTunes 8.2 release.

No comments:

Post a Comment