Summary
This host is installed with Apple iTunes and is prone to multiple code execution vulnerabilities.
Impact
Successful exploitation will allow attackers to execute arbitrary code.
Impact Level: System/Application
Solution
Upgrade to Apple Apple iTunes version 10.6.3 or later, For updates refer to http://www.apple.com/itunes/download/
Insight
Apple iTunes fails to handle '.m3u' playlist, allowing to cause a heap overflow and execute arbitrary code on the target system.
Affected
Apple iTunes version prior to 10.6.3 on Windows
References
Severity
Classification
-
CVE CVE-2012-0677 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Windows)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Windows)
- Adobe Air and Flash Player Multiple Vulnerabilities (Mac OS X)
- Adobe Air Multiple Vulnerabilities -01 August 12 (Mac OS X)
- Adobe Air Code Execution and DoS Vulnerabilities (MAC OS X)