Apple iTunes 7.0.2 - XML Parsing Remote Denial of Service

EDB-ID:

29616

Author:

poplix

Type:

dos

Platform:

OSX

Published:

2007-02-19

source: http://www.securityfocus.com/bid/22615/info

Apple iTunes is prone to a remote denial-of-service vulnerability because the application fails to handle malformed XML playlist files.

An attacker can exploit this issue to crash the application, triggering a denial-of-service condition.

Apple iTunes version 7.0.2 for Intel and PowerPC are vulnerable to this issue; other versions may also be affected. 

<?die with your boots on?>
<kb:station_record>
<kb:station_url_record>
</kb:station_url_record>