Test ID:	1.3.6.1.4.1.25623.1.0.800495
Category:	General
Title:	Apple iTunes Multiple Vulnerabilities (APPLE-SA-2010-03-30-2)
Summary:	Apple iTunes is prone to multiple vulnerabilities.
Description:	Summary: Apple iTunes is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An infinite loop issue in the handling of 'MP4' files. A maliciously crafted podcast may be able to cause an infinite loop in iTunes, and prevent its operation even after it is relaunched. - A privilege escalation issue in Windows installation package. During the installation process, a race condition may allow a local user to modify a file that is then executed with system privileges. Vulnerability Impact: Successful exploitation could allow the attacker to cause denial of service and obtain system privileges during installation. Affected Software/OS: Apple iTunes prior to version 9.1 (9.1.0.79). Solution: Update to version 9.1 or later. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0531 http://lists.apple.com/archives/security-announce/2010//Mar/msg00003.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7427 http://secunia.com/advisories/39135 Common Vulnerability Exposure (CVE) ID: CVE-2010-0532 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7110
Copyright	Copyright (C) 2010 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.