Apple iTunes Multiple Protocol Handler Buffer Overflow VulnerabilitiesTPTI-09-03: June 2nd, 2009
TippingPoint™ IPS Customer ProtectionTippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 8013. For further product information on the TippingPoint IPS:
Vulnerability DetailsThis vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple iTunes. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
The specific flaw exists in the URL handlers associated with iTunes. When processing URLs via the protocol handlers "itms", "itmss", "daap", "pcast", and "itpc" an exploitable stack overflow occurs. Successful exploitation can lead to a remote system compromise under the credentials of the currently logged in user.
Vendor ResponseApple has issued an update to correct this vulnerability. More details can be found at:
2009-04-09 - Vulnerability reported to vendor
2009-06-02 - Coordinated public release of advisory