Backdooring MP3 files (plus QuickTime issues and Cross-context Scripting)
|CVSS Base Score
See this note in TXT Version
MP3 files can be backdoored with malicious content too.
Over the past few days I have been exploring different features of
Apple's QuickTime player - key software component of iTunes and
standard part of many home and business workstations. A lot of
research was conducted and some problems, which IMHO are quite
serious, were found. Please take this post as a security notice.
QuickTime is quite versatile and flexible media platform which has a
lot of functionalities. I quite like it I must say. I even use iTunes
on daily basis. Unfortunately because of its flexibility QuickTime
from media files such as mp3, mp4, m4a and everything else that is
The article can be found at the link above.