3 matches found
Apple iTunes fails to properly parse AAC files
Overview Apple iTunes does not properly parse AAC files. This vulnerability may allow a remote attacker to execute arbitrary code. Description Apple iTunes Apple iTunes is a digital media player available for the Microsoft Windows and Mac OS X operating systems. Advanced Audio Coding AAC file...
CVE-2006-1467
Apple iTunes prior to 6.0.5 on macOS 10.2.8+ and Windows XP/2000 is affected by an integer overflow in the AAC file parser (STSZ sample_size_table) that can lead to remote code execution when a user opens a crafted AAC file. Exploitation requires user action and would run with the caller’s privil...
iTunes < 6.0.5 AAC File Integer Overflow (Mac OS X)
The remote host is running iTunes, a popular jukebox program. The remote version of this software is vulnerable to an integer overflow when it parses specially crafted AAC files which may lead to the execution of arbitrary code. An attacker may exploit this flaw by sending a malformed AAC file to...