iTunes 4.7.1 fixes a buffer overflow in the parsing of m3u and pls playlist files that could allow earlier versions of iTunes to crash and execute arbitrary code.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/35698/APPLE-SA-2005-01-11.txt
Source: https://packetstormsecurity.com/files/35698/Apple-Security-Advisory-2005-01-11.html