In association with heise online

01 July 2006, 21:32

Buffer overflow in Apple's iTunes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Catchy songs generally get stuck in your brain, but users of Apple's iTunes might also have them get caught in their PCs if a security hole is exploited when an AAC file is played. AAC files have the endings .M4A, M4P or MP4. The cause of the weak point is an integer overflow that occurs when manipulated sample tables (sample_size_table) are read.

Attackers can use manipulated files to cause the application to crash or even, in the worst-case scenario, to have code injected and executed with the user's rights. Under Windows, the user is generally the administrator and, under Mac OS X, a user with restricted rights. However, users still have to click on the song in Apple's player. The hole has been patched in iTunes version 6.0.5 for both Windows and Mac OS X.

Also see:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit