nessus Tenable 5491.PRM
History Mar 31, 2010 - 12:00 a.m.

iTunes < 9.1 Multiple Vulnerabilities

2010-03-31 00:00:00
Tenable
www.tenable.com
9

The remote version of iTunes is older than 9.1. Such versions may be affected by multiple vulnerabilities:

  • A buffer underflow in ImageIO’s handling of TIFF images may lead to an application crash or arbitrary code execution. (CVE-2009-2285)

  • An integer overflow in the application’s handling of images with an embedded color profile may lead to an application crash or arbitrary code execution. (CVE-2010-0040)

  • An uninitialized memory access issue in ImageIO’s handling of BMP images may result in sending data from Safari’s memory to a website under an attacker’s control. (CVE-2010-0041)

  • An uninitialized memory access issue in ImageIO’s handling of TIFF images may result in sending data from Safari’s memory to a website under an attacker’s control. (CVE-2010-0042)

  • A memory corruption issue in the application’s handling of TIFF images may lead to an application crash or arbitrary code execution. (CVE-2010-0043)

  • An infinite loop in the application’s handling of imported MP4 podcast files may lead to an application crash and prevent subsequent operation. (CVE-2010-0531)

  • A race condition during the installation process may allow a local user to modify a file that is then executed with SYSTEM privileges. (CVE-2010-0532)

  • A path searching issue may allow code execution if an attacker can place a specially crafted DLL in a directory and have a user open another file using iTunes in that directory. (CVE-2010-1795)

  • Syncing a mobile device may allow a local user to gain the privileges of the console user due to an insecure file operation in the handling of log files. (CVE-2010-1768)

Vendor | Product | Version | CPE
apple | itunes | | cpe:/a:apple:itunes