Lucene search
HistoryJun 12, 2012 - 2:55 p.m.
CVE-2012-0677
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.8
Confidence
High
EPSS
0.759
Percentile
98.2%
Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist.
Affected configurations
Node
appleitunesRangeβ€10.6.1
ORappleitunesMatch10.0
ORappleitunesMatch10.0.1
ORappleitunesMatch10.1
ORappleitunesMatch10.1.1
ORappleitunesMatch10.1.1.4
ORappleitunesMatch10.1.2
ORappleitunesMatch10.2
ORappleitunesMatch10.2.2.12
ORappleitunesMatch10.3
ORappleitunesMatch10.3.1
ORappleitunesMatch10.4
ORappleitunesMatch10.4.0.80
ORappleitunesMatch10.4.1
ORappleitunesMatch10.4.1.10
ORappleitunesMatch10.5
ORappleitunesMatch10.5.1
ORappleitunesMatch10.5.1.42
ORappleitunesMatch10.5.2
ORappleitunesMatch10.5.3
ORappleitunesMatch10.6
Related
nessus
nessus
iTunes < 10.6.3 m3u Multiple Buffer Overflow Vulnerabilities (Mac OS X)
2012-06-14 00:00:00
iTunes < 10.6.3 Multiple Vulnerabilities
2012-06-19 00:00:00
Apple iTunes < 10.6.3 Multiple Vulnerabilities (uncredentialed check)
2012-06-14 00:00:00
canvas
canvas
Immunity Canvas: ITUNES_10_6_1
2012-06-12 14:55:00
saint
saint
iTunes m3u Playlist Overflow
2012-07-03 00:00:00
iTunes m3u Playlist Overflow
2012-07-03 00:00:00
iTunes m3u Playlist Overflow
2012-07-03 00:00:00
packetstorm
packetstorm
iTunes Extended M3U Stack Buffer Overflow
2012-06-21 00:00:00
Apple iTunes 10.6.1.7 M3U Playlist Buffer Overflow
2012-06-12 00:00:00
seebug
seebug
Apple iTunes <= 10.6.1.7 Extended m3u Stack Buffer Overflow
2014-07-01 00:00:00
Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow
2014-07-01 00:00:00
Apple iTunesζ§θ‘δ»»ζ代η εζη»ζε‘ζΌζ΄
2012-06-13 00:00:00
openvas
openvas
Apple iTunes '.m3u' Playlist Code Execution Vulnerability (Mac OS X)
2012-06-12 00:00:00
Apple iTunes '.m3u' Playlist Code Execution Vulnerabilities (Windows)
2012-06-12 00:00:00
Apple iTunes '.m3u' Playlist Code Execution Vulnerabilities - Windows
2012-06-12 00:00:00
exploitdb
exploitdb
Apple iTunes 10.6.1.7 - Extended m3u Stack Buffer Overflow (Metasploit)
2012-06-21 00:00:00
Apple iTunes 10.6.1.7 - '.m3u' Walking Heap Buffer Overflow (PoC)
2012-06-13 00:00:00
cve
cve
CVE-2012-0677
2012-06-12 14:55:01
checkpoint_advisories
checkpoint_advisories
Apple iTunes m3u Playlist Multiple Buffer Overflows - High Confidence (CVE-2012-0677)
2013-03-03 00:00:00
Apple iTunes m3u Playlist Multiple Buffer Overflows (CVE-2012-0677)
2012-09-04 00:00:00
zeroscience
zeroscience
Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow
2012-06-12 00:00:00
exploitpack
exploitpack
Apple iTunes 10.6.1.7 - .m3u Walking Heap Buffer Overflow (PoC)
2012-06-13 00:00:00
Apple iTunes 10.6.1.7 - Extended m3u Stack Buffer Overflow (Metasploit)
2012-06-21 00:00:00
prion
prion
Heap overflow
2012-06-12 14:55:00
cvelist
cvelist
CVE-2012-0677
2012-06-12 14:00:00
securityvulns
securityvulns
Apple iTunes security vulnerabilities
2012-06-12 00:00:00
APPLE-SA-2012-06-11-1 iTunes 10.6.3
2012-06-12 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.8
Confidence
High
EPSS
0.759
Percentile
98.2%
Related for NVD:CVE-2012-0677