A report on PC Pro today notes that Apple has announced a “vulnerability affecting iTunes and QuickTime that could lead to code being run on the system.” The story notes that: “The integer overflow and heap-based buffer overflow vulnerability affects both the Mac OS X and Windows versions of QuickTime Player 7.0.3 and 7.0.4 and iTunes 6.0.1 and 6.0.2.” eEye Digital, a security company, describes the flaw as “high in terms of severity.” Apple is working on patches for the vulnerability.
