1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Apple iTunes PLS File BO CVE-2009-2817

Web Attack: Apple iTunes PLS File BO CVE-2009-2817

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects attmept to exploit a buffer overflow in Apple iTunes by sending specially crafted PLS files.

Additional Information

Apple iTunes is a media player for Microsoft Windows and Apple MAC OS X.

Apple iTunes is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it into an insufficiently sized buffer. Specifically, the issue occurs when processing '.pls' files.

An attacker could exploit this issue by enticing an unsuspecting user to open a malicious '.pls' file with the affected application.

Successfully exploiting this issue will allow the attacker to execute arbitrary code within the context of an affected application. Failed exploit attempts will result in a denial-of-service condition.

Versions prior to Apple iTunes 9.0.1 are vulnerable.


  • Versions prior to Apple iTunes 9.0.1


Vendor updates are available. Please see the referenced advisory for details.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube