PRIOn knowledge basePRION:CVE-2011-0170

HistoryMar 03, 2011 - 8:00 p.m.

Heap overflow

2011-03-0320:00:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.026 Low

EPSS

Percentile

90.0%

JSON

Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes before 10.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted International Color Consortium (ICC) profile in a JPEG image.

CPENameOperatorVersion
itunesle10.1.2
ituneseq4.0.0
ituneseq4.0.1
ituneseq4.1.0
ituneseq4.2.0
ituneseq4.5
ituneseq4.5.0
ituneseq4.6
ituneseq4.6.0
ituneseq4.7

Name	Operator	Version
itunes	le	10.1.2
itunes	eq	4.0.0
itunes	eq	4.0.1
itunes	eq	4.1.0
itunes	eq	4.2.0
itunes	eq	4.5
itunes	eq	4.5.0
itunes	eq	4.6
itunes	eq	4.6.0
itunes	eq	4.7

Rows per page:

1-10 of 651

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=897

lists.apple.com/archives/security-announce/2011//Mar/msg00004.html

lists.apple.com/archives/security-announce/2011/Mar/msg00000.html

lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

support.apple.com/kb/HT4554

support.apple.com/kb/HT4566

support.apple.com/kb/HT4581

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17367

8.4 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.026 Low

EPSS

Percentile

90.0%

JSON

Related for PRION:CVE-2011-0170