Apple iTunes found vulnerable
Date: November 21, 2005Source: InformationWeek
According to an alert posted Thursday by eEye Digital Security, a "remotely exploitable flaw exists that allows arbitrary code to be executed in the context of the logged in user." The security vendor traditionally doesn't provide details on vulnerabilities it discovers until the affected vendor produces a patch.
On Tuesday, Apple released a security update to iTunes 6 for Windows; the bug reported by eEye, however, wasn't addressed in that fix.
Also on Thursday, eEye warned of a similarly-critical bug in various versions of Apple's QuickTime media player on both the Windows and Mac platforms. That vulnerability can also be exploited remotely, and might result in an attacker grabbing control of the victimized computer.
Original article
Add comment Email to a Friend