CVE-2005-0043

Apple iTunes 4.7 - Remote Code Execution via Long URL in Playlist Files

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2005-0043. PoCs published by Metasploit, nemo, including Metasploit module exploits/windows/browser/apple_itunes_playlist.

AI-analyzed exploit summary This Metasploit module exploits a stack buffer overflow in Apple iTunes 4.7 via a malicious PLS file. It delivers a payload through an HTTP server, triggering arbitrary code execution when the victim opens the crafted playlist.

Description

Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute arbitrary code via a long URL in (1) .m3u or (2) .pls playlist files.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubylocalwindows
https://www.exploit-db.com/exploits/16562

This Metasploit module exploits a stack buffer overflow in Apple iTunes 4.7 via a malicious PLS file. It delivers a payload through an HTTP server, triggering arbitrary code execution when the victim opens the crafted playlist.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Apple iTunes 4.7 build 4.7.0.42
No auth needed
Prerequisites: Victim must open a malicious PLS file hosted on an attacker-controlled server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by nemo · clocalosx
https://www.exploit-db.com/exploits/758

This exploit generates a malicious .pls file that, when loaded by iTunes on OS X 10.3.7, triggers a buffer overflow to execute shellcode binding a shell to port 4444. The shellcode is crafted to avoid null bytes and newlines.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: iTunes on OS X 10.3.7
No auth needed
Prerequisites: Victim must open the malicious .pls file in iTunes
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/apple_itunes_playlist.rb

This Metasploit module exploits a stack buffer overflow in Apple iTunes 4.7 by crafting a malicious PLS file. The exploit triggers arbitrary code execution via a specially formatted playlist file delivered over HTTP.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Apple iTunes 4.7 build 4.7.0.42
No auth needed
Prerequisites: Victim must open a malicious PLS file via iTunes
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (8)

Core 8
Core References
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/377368
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1012839
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18851
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/13804
Exploit, Patch third-party-advisory x_refsource_idefense
http://www.idefense.com/application/poi/display?id=180&type=vulnerabilities
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/12833
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/12238

Scores

EPSS 0.6901
EPSS Percentile 99.3%

Details

Status published
Products (1)
apple/itunes 4.7
Published May 02, 2005
Tracked Since Feb 18, 2026