Researcher publishes proof-of-concept exploit for iTunes

21 June 2012

A researcher with Zero Science Lab in Macedonia has published a proof-of-concept exploit of an iTunes flaw that allows remote code execution by an attacker.

The vulnerability is the result of a boundary error in iTunes’ processing of a playlist file. It can be exploited by an attacker to cause a heap buffer overflow when a user opens the specially crafted .m3u file, explained Gjoko Krstic in a blog post.

By exploiting the vulnerability, an attacker could execute arbitrary code on the affected machine and so gain control of the device, he explained.
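The flaw described above is a boundary error: a playlist entry is copied into a heap buffer without first confirming that it fits. The following C program is an added illustration written for this article, not Apple's code and not the Zero Science Lab proof of concept; it reads an in-memory .m3u file and shows the length check that a parser of this kind must perform before copying an entry into a fixed-size heap allocation. The entry limit (MAX_ENTRY), the function names and the sample playlist are all assumptions constructed for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed per-entry limit for this example (not a value from iTunes). */
#define MAX_ENTRY 260

typedef struct {
    char **paths;     /* accepted playlist entries, each heap-allocated */
    size_t count;     /* number of accepted entries */
    size_t rejected;  /* number of entries refused for exceeding MAX_ENTRY */
} playlist_t;

/* Copy one playlist line into a fresh heap buffer of MAX_ENTRY bytes.
   The length check is the step a boundary error omits: without it,
   a long line would overrun the buffer and corrupt the heap. */
static char *copy_entry(const char *line, size_t len) {
    if (len >= MAX_ENTRY) return NULL;   /* reject rather than overflow or truncate */
    char *buf = malloc(MAX_ENTRY);
    if (!buf) return NULL;
    memcpy(buf, line, len);
    buf[len] = '\0';
    return buf;
}

/* Parse an in-memory .m3u: '#' lines are directives, blank lines are
   ignored, every other line is a media path. Returns 0 on success. */
int parse_m3u(const char *text, playlist_t *pl) {
    pl->paths = NULL; pl->count = 0; pl->rejected = 0;
    const char *p = text;
    while (*p) {
        const char *nl = strchr(p, '\n');
        size_t raw = nl ? (size_t)(nl - p) : strlen(p);
        size_t len = raw;
        if (len && p[len - 1] == '\r') len--;   /* tolerate CRLF line endings */
        if (len > 0 && p[0] != '#') {
            char *entry = copy_entry(p, len);
            if (entry) {
                char **grown = realloc(pl->paths, (pl->count + 1) * sizeof *grown);
                if (!grown) { free(entry); return -1; }
                pl->paths = grown;
                pl->paths[pl->count++] = entry;
            } else {
                pl->rejected++;   /* overlong entry: counted, never copied */
            }
        }
        p += raw;
        if (nl) p++;   /* step over the newline */
    }
    return 0;
}

void free_playlist(playlist_t *pl) {
    for (size_t i = 0; i < pl->count; i++) free(pl->paths[i]);
    free(pl->paths);
    pl->paths = NULL; pl->count = 0;
}

/* Constructed sample playlist: two ordinary entries and one 1000-byte entry
   that exceeds MAX_ENTRY. Returns the number of accepted entries and reports
   the number rejected through rejected_out. */
size_t run_demo(size_t *rejected_out) {
    char big[1001];
    memset(big, 'A', 1000);
    big[1000] = '\0';
    char text[1200];
    snprintf(text, sizeof text,
             "#EXTM3U\n#EXTINF:1,song\nsong.mp3\n%s\r\nother.mp3\n", big);
    playlist_t pl;
    if (parse_m3u(text, &pl) != 0) return (size_t)-1;
    size_t accepted = pl.count;
    if (rejected_out) *rejected_out = pl.rejected;
    free_playlist(&pl);
    return accepted;
}

int main(void) {
    size_t rejected = 0;
    size_t accepted = run_demo(&rejected);
    printf("accepted=%zu rejected=%zu\n", accepted, rejected);
    return 0;
}
```

The design choice worth noting is that an overlong entry is refused outright instead of being silently truncated to fit: truncation hides malformed input from the user and from logs, whereas a rejection count gives a defender something to alert on when a playlist arrives with entries far larger than any real file path.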

Apple patched the vulnerability with the latest version of iTunes, 10.6.3, which it released last week. According to the security update, iTunes 10.6.3 fixes a heap buffer overflow in the handling of .m3u playlists; “importing a maliciously crafted .m3u playlist may lead to an unexpected application termination or arbitrary code execution.” Apple acknowledged the assistance of Krstic in finding and fixing this flaw.

In addition, the latest version of iTunes plugged a memory corruption issue in WebKit. If the user visited a maliciously crafted website, this could lead to an unexpected application termination or arbitrary code execution.

According to Lysa Myers with Intego, no malware has been found that exploits the iTunes vulnerability identified by Krstic. “But it’s often just a matter of time before malware writers incorporate this code into their creations to get onto computers without you knowing, much like Flashback did with its Java exploit”, Myers wrote on the Mac Security blog.