Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple iTunes Hit With a New Critical Flaw

Posted by Zonk on Tuesday May 10, 2005 @07:18AM from the watch-what-you-listen-to dept.

Jameson writes "Apple has released a new iTunes version to correct a security vulnerability reported by Mark Litchfield. FrSIRT and Secunia marked the flaw as "critical", because it can be exploited by malicious people to compromise a user's system via maliciously-crafted MPEG4 file. iTunes 4.8 addresses this issue by improving the validation checks used when loading MPEG4 files."

1 of 44 comments (clear)

Min score:

Reason:

Sort:

read changelog, post advisory, rinse and repeat by __aaitqo8496 · 2005-05-10 07:24 · Score: 3, Interesting

wait... did they just create an advisory based on changelog? didn't this happen with firefox not long ago?