PT-2024-22037 · Apple · Itunes

Willy R. Vasquez

·

Published

2024-05-08

·

Updated

2024-12-09

·

CVE-2024-27793

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions iTunes versions prior to 12.13.2
Description The issue was addressed with improved checks. Parsing a file may lead to an unexpected app termination or arbitrary code execution.
Recommendations For versions prior to 12.13.2, update to iTunes 12.13.2 for Windows to resolve the issue.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2024-27793

Affected Products

Itunes