Lucene search

K

Tenable5573.PRM

HistoryJun 17, 2010 - 12:00 a.m.

iTunes < 9.2 Multiple Vulnerabilities

2010-06-1700:00:00

Tenable

www.tenable.com

11

Versions of iTunes older than 9.2 are potentially affected by multiple vulnerabilities :

A heap buffer overflow in the handling of images with an embedded ColorSync profile may lead to an application crash or arbitrary code execution. (CVE-2009-1726)
Multiple integer overflows in ImageIO’s handling of TIFF files may lead to an application crash or arbitrary code execution. (CVE-2010-1411)
Multiple vulnerabilities in WebKit may have a variety of effects, including arbitrary code execution. (CVE-2010-0544, CVE-2010-1119, CVE-2010-1387, CVE-2010-1390, CVE-2010-1392, CVE-2010-1393, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1749, CVE-2010-1758, CVE-2010-1759, CVE-2010-1761, CVE-2010-1763, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1774)

Binary data 5573.prm

VendorProductVersionCPE
appleitunescpe:/a:apple:itunes

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1726

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0544

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1119

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1387

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1390

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1392

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1393

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1395

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1396

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1397

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1398

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1399

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1400

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1401

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1402

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1403

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1404

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1405

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1408

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1409

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1410

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1411

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1412

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1414

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1415

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1416

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1417

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1418

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1419

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1421

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1422

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1749

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1758

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1759

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1761

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1763

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1769

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1770

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1771

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1774

lists.apple.com/archives/security-announce/2010/jun/msg00002.html

support.apple.com/kb/HT4220