|
|
CVE Reference: CVE-2006-1467 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-1467 |
|
|
Description: Integer overflow in the AAC file parsing code in Apple iTunes before 6.0.5 on Mac OS X 10.2.8 or later, and Windows XP and 2000, allows remote user-assisted attackers to execute arbitrary code via an AAC (M4P, M4A, or M4B) file with a sample table size (STSZ) atom with a "malformed" sample_size_table value. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/27481 ST 1016413 SAID Secunia Advisory: SA20891 MISC http://www.zerodayinitiative.com/advisories/ZDI-06-020.html CERT-VN 907836 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/438812/100/0/threaded BID 18730 APPLE http://docs.info.apple.com/article.html?artnum=303952 |
|
| Return to the previous page. |
