CVE-2009-0950

Name of the Vulnerable Software and Affected Versions Apple iTunes versions prior to 8.2

Description The issue is a stack-based buffer overflow that allows remote attackers to execute arbitrary code or cause a denial of service, resulting in an application crash. This can be achieved via a crafted itms: URL with a long URL component after a colon.

Recommendations For Apple iTunes versions prior to 8.2, update to version 8.2 or later to resolve the issue. As a temporary workaround, consider avoiding the use of itms: URLs with long components after a colon until the update is applied.