http://www.milw0rm.com/exploits/8861
This [Metasploit] module exploits a stack-based buffer overflow in iTunes itms:// URL parsing. It is accessible from the browser and in Safari, itms urls will be opened in iTunes automatically. Because iTunes is multithreaded, only vfork-based payloads should be used.
---------------------------
This vulnerability was addressed by Apple with the recent iTunes 8.2 release.
http://support.apple.com/kb/HT3592
No comments:
Post a Comment