Itunes@1.1 Security Vulnerabilities and Issues — Itunes@1.1 CVE List

Lucene search

AppleItunes1.1

4 matches found

CVE•added 2008/08/01 2:41 p.m.•211 views

CVE-2008-3434

Apple iTunes before 10.5.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.

7.5CVSS7AI score0.00698EPSS

CVE•added 2010/07/30 1:26 p.m.•64 views

CVE-2010-1777

Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted itpc: URL.

9.3CVSS7.9AI score0.02843EPSS

CVE•added 2009/06/02 6:30 p.m.•55 views

CVE-2009-0950

Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon.

9.3CVSS7.9AI score0.82109EPSS

CVE•added 2008/09/11 1:13 a.m.•52 views

CVE-2008-3634

Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better i...

2.6CVSS5.9AI score0.00283EPSS