Added: 07/06/2009
CVE: CVE-2009-0950
BID: 35157
OSVDB: 54833
iTunes is a free media player for multiple platforms.
A buffer overflow vulnerability allows command execution when a user opens a specially crafted **itms://**
URL.
Upgrade to iTunes 8.2 or higher.
<http://support.apple.com/kb/HT3592>
Exploit works on iTunes 8.1.1 and requires a user to open the exploit URL in iTunes.
Windows XP