
iTunes 7.3.x - Heap overflow in album cover parsing

iSEC Partners Security Advisory - 2007-005-itunes

iTunes 7.3.x - Heap overflow in album cover parsing

Vendor: Apple, Inc.
Vendor URL: http://www.apple.com 
Versions affected: Confirmed in iTunes 7.3.2
Systems Affected: Confirmed on OS X 10.4.10 PPC, Windows XP x86
Severity: High (potential code execution)
Author: David Thiel 

Vendor notified: 2007-07-29
Public release: 2007-09-05
Advisory URL: https://www.isecpartners.com/advisories/2007-005-itunes.txt 
Vendor Advisory URL: http://docs.info.apple.com/article.html?artnum=306404 

A vulnerability exists in iTunes where an attacker can cause a denial
of service or code execution via maliciously crafted album cover art
embedded in a media file.

iTunes 7.3.2 and earlier are vulnerable to a heap overflow when parsing
the 'covr' atom of an MP4/AAC file. This atom is normally used for the
storage of album cover art.
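The advisory does not state the exact defect, so what follows is an added illustration, not iSEC's or Apple's code: a bounds-checked walker over the ISO base-media atom structure that MP4/AAC files use (4-byte big-endian size, 4-byte type, then payload; size 1 means a 64-bit size follows, size 0 means "to end of data"). It shows the generic check a 'covr' parser needs so that a hostile size field can never drive a copy past the end of a heap buffer. It is simplified to a flat sequence of atoms; in real files 'covr' is nested inside the metadata atoms, and the same check applies at every level of the tree. The byte strings GOOD_FILE and BAD_FILE are constructed samples, not data from any real file.

```c
/* Added example (not from the advisory): bounds-checked MP4 atom walker.
 * Demonstrates the size validation a 'covr' parser needs.  The advisory
 * above does not describe the exact iTunes defect; these are the generic
 * checks that prevent a declared atom size from outrunning the buffer. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

enum atom_status { ATOM_OK = 0, ATOM_TRUNCATED = 1, ATOM_BAD_SIZE = 2 };

/* Read a 32-bit big-endian integer. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Walk the atoms in buf[0..len).  For each atom, verify the declared size
 * fits within the remaining data before touching the payload.  When a
 * 'covr' atom is found, copy its payload into out (capacity out_cap) and
 * record the copied length in *out_len.  Returns ATOM_OK, or a rejection
 * code as soon as any atom is malformed. */
int walk_atoms(const uint8_t *buf, size_t len,
               uint8_t *out, size_t out_cap, size_t *out_len) {
    size_t off = 0;
    *out_len = 0;
    while (off < len) {
        /* Every atom starts with an 8-byte header: size then type. */
        if (len - off < 8)
            return ATOM_TRUNCATED;
        uint64_t size = be32(buf + off);
        size_t hdr = 8;
        if (size == 1) {            /* 64-bit "largesize" follows the type */
            if (len - off < 16)
                return ATOM_TRUNCATED;
            size = ((uint64_t)be32(buf + off + 8) << 32) | be32(buf + off + 12);
            hdr = 16;
        } else if (size == 0) {     /* atom extends to the end of the data */
            size = len - off;
        }
        /* Reject sizes smaller than the header or larger than the remaining
         * data.  Skipping this check is what lets an attacker-controlled
         * size field drive an over-read or an over-long heap copy. */
        if (size < hdr || size > len - off)
            return ATOM_BAD_SIZE;
        size_t payload = (size_t)size - hdr;
        if (memcmp(buf + off + 4, "covr", 4) == 0) {
            /* Copy bounded by BOTH the validated payload length and the
             * destination capacity. */
            size_t n = payload < out_cap ? payload : out_cap;
            memcpy(out, buf + off + hdr, n);
            *out_len = n;
        }
        off += (size_t)size;
    }
    return ATOM_OK;
}

/* Constructed sample: one well-formed 'covr' atom with a 4-byte payload. */
static const uint8_t GOOD_FILE[] = {
    0x00,0x00,0x00,0x0c, 'c','o','v','r', 0xff,0xd8,0xff,0xe0
};
/* Constructed sample: the same atom followed by a 'covr' atom whose declared
 * size (0x7fffffff) far exceeds the 10 bytes actually present. */
static const uint8_t BAD_FILE[] = {
    0x00,0x00,0x00,0x0c, 'c','o','v','r', 0xff,0xd8,0xff,0xe0,
    0x7f,0xff,0xff,0xff, 'c','o','v','r', 0x00,0x00
};

/* Returns 1 if the well-formed sample is accepted with a 4-byte cover. */
int check_good(void) {
    uint8_t out[64]; size_t n;
    return walk_atoms(GOOD_FILE, sizeof GOOD_FILE, out, sizeof out, &n) == ATOM_OK
           && n == 4;
}

/* Returns 1 if the oversized atom is rejected before any copy happens. */
int check_bad(void) {
    uint8_t out[64]; size_t n;
    return walk_atoms(BAD_FILE, sizeof BAD_FILE, out, sizeof out, &n) == ATOM_BAD_SIZE;
}

int main(void) {
    printf("well-formed covr: %s\n", check_good() ? "accepted" : "rejected");
    printf("oversized covr:   %s\n", check_bad()  ? "rejected" : "accepted");
    return 0;
}
```

The two rules that matter are visible in the loop: the header must fit before the size is read, and the size must fit before the payload is touched. A parser that trusts the size field to allocate or copy, and only then discovers the data is shorter, has already made the mistake that turns a crafted cover-art atom into a heap overflow.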

Fix Information:
This issue is fixed in iTunes 7.4, available via Software Update or 
download at http://www.apple.com/itunes/download/. 

Thanks to:
The Apple product security team for a timely response to this issue.

About iSEC Partners:
iSEC Partners is a full-service security consulting firm that provides
penetration testing, secure systems development, security education
and software design verification, with offices in San Francisco,
Seattle, Ewa Beach and Los Angeles.
