Signature Detail

Short Name	HTTP:STC:ITUNES-PL
Severity	High
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Illegal iTunes Playlist URL
Release Date	2005/02/10
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Illegal iTunes Playlist URL

This signature detects attempts to exploit a known vulnerability in iTunes parsing handler. iTunes 4.7 is vulnerable. Attackers can submit iTunes play lists that refer to illegal URLs, which can create a denial-of-service condition or allow them to execute arbitrary code.

Extended Description

Apple iTunes is prone to a buffer overflow vulnerability. This issue is exposed when the application parses 'm3u' and 'pls' playlist files. As these files may originate from an external source, this issue is considered remotely exploitable. If the vulnerability is successfully exploited, it will result in execution of arbitrary code in the context of the user running the application.

Affected Products

Apple iTunes 4.2.0 .72
Apple iTunes 4.5.0
Apple iTunes 4.6.0
Apple iTunes 4.7.0

References

BugTraq: 12238
CVE: CVE-2005-0043
URL: http://docs.info.apple.com/article.html?artnum=61798
URL: http://www.sans.org/newsletters/risk/display.php?v=4&i=2#widely3

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Illegal iTunes Playlist URL

Extended Description

Affected Products

References