VUPEN Vulnerability Research Team discovered a vulnerability in Apple iTunes. The flaw is caused by an integer overflow error in ColorSync when processing certain images with an embedded color profile, which could be exploited by attackers to potentially execute arbitrary code via a specially crafted image.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/87925/appleitunescs-overflow.txt
Source: https://packetstormsecurity.com/files/87925/Apple-iTunes-ColorSync-Profile-Integer-Overflow.html