Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:8D185BE1921406EFC95F7C2188497906
HistoryJul 06, 2009 - 12:00 a.m.

Apple iTunes itms: URL buffer overflow

2009-07-0600:00:00
SAINT Corporation
download.saintcorporation.com
16

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.964 High

EPSS

Percentile

99.4%

JSON

Added: 07/06/2009
CVE: CVE-2009-0950
BID: 35157
OSVDB: 54833

Background

iTunes is a free media player for multiple platforms.

Problem

A buffer overflow vulnerability allows command execution when a user opens a specially crafted **itms://** URL.

Resolution

Upgrade to iTunes 8.2 or higher.

References

<http://support.apple.com/kb/HT3592&gt;

Limitations

Exploit works on iTunes 8.1.1 and requires a user to open the exploit URL in iTunes.

Platforms

Windows XP

Related

seebug 4
securityvulns 2
prion 1
cvelist 1
openvas 2
nessus 3
packetstorm 2
exploitpack 3
checkpoint_advisories 1
saint 3
cve 1
exploitdb 3
seebug
seebug
Apple iTunes 8.1.1 (ITMS) Multiple Protocol Handler BOF Exploit (meta)
2009-06-04 00:00:00
Apple iTunes 8.1.x - (daap) Buffer Overflow Remote Exploit
2014-07-01 00:00:00
Apple iTunes itms: URI栈溢出漏洞
2009-06-04 00:00:00
securityvulns
securityvulns
TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities
2009-06-04 00:00:00
Apple iTunes multiple security vulnerabilities
2009-06-04 00:00:00
prion
prion
Stack overflow
2009-06-02 18:30:00
cvelist
cvelist
CVE-2009-0950
2009-06-02 18:00:00
openvas
openvas
Apple iTunes 'itms:' URI Stack Buffer Overflow Vulnerability (HT3592)
2009-06-04 00:00:00
Apple iTunes 'itms:' URI Stack Buffer Overflow Vulnerability
2009-06-04 00:00:00
nessus
nessus
Apple iTunes < 8.2 itms: URI Handling Overflow (credentialed check)
2009-06-02 00:00:00
Apple iTunes < 8.2 itms: URI Handling Overflow (uncredentialed check)
2009-06-02 00:00:00
iTunes < 8.2 itms: URL Stack Overflow (Mac OS X)
2009-06-02 00:00:00
packetstorm
packetstorm
Apple iTunes 8.1.1.10 Buffer Overflow Exploit
2009-06-12 00:00:00
Apple OS X iTunes 8.1.1 ITMS Overflow
2009-12-31 00:00:00
exploitpack
exploitpack
Apple iTunes 8.1.1.10 (Windows) - itmsitcp Remote Buffer Overflow
2009-06-12 00:00:00
Apple iTunes 8.1.1 - ITMS Multiple Protocol Handler Buffer Overflow (Metasploit)
2009-06-03 00:00:00
Apple iTunes 8.1.x - daap Remote Buffer Overflow
2010-01-14 00:00:00
checkpoint_advisories
checkpoint_advisories
Apple iTunes Protocol Handler Stack Buffer Overflow (CVE-2009-0950)
2010-02-01 00:00:00
saint
saint
Apple iTunes itms: URL buffer overflow
2009-07-06 00:00:00
Apple iTunes itms: URL buffer overflow
2009-07-06 00:00:00
Apple iTunes itms: URL buffer overflow
2009-07-06 00:00:00
cve
cve
CVE-2009-0950
2009-06-02 18:30:00
exploitdb
exploitdb
Apple iTunes 8.1.x - &#039;daap&#039; Remote Buffer Overflow
2010-01-14 00:00:00
Apple iTunes 8.1.1.10 (Windows) - &#039;itms/itcp&#039; Remote Buffer Overflow
2009-06-12 00:00:00
Apple iTunes 8.1.1 - &#039;ITMS&#039; Multiple Protocol Handler Buffer Overflow (Metasploit)
2009-06-03 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.964 High

EPSS

Percentile

99.4%

JSON
Related for SAINT:8D185BE1921406EFC95F7C2188497906
seebug4securityvulns2prion1cvelist1openvas2nessus3packetstorm2exploitpack3checkpoint_advisories1saint3cve1exploitdb3