Itunes@9.0.3 Security Vulnerabilities and Issues — Itunes@9.0.3 CVE List

Lucene search

AppleItunes9.0.3

160 matches found

CVE•added 2011/10/12 6:55 p.m.•134 views

CVE-2011-2813

WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.

7.6CVSS7.5AI score0.01198EPSS

CVE•added 2012/09/13 10:30 a.m.•117 views

CVE-2012-3684

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

6.8CVSS7.8AI score0.01106EPSS

CVE•added 2011/03/03 8:0 p.m.•78 views

CVE-2011-0191

Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding.

9.3CVSS7.5AI score0.0907EPSS

CVE•added 2011/03/03 8:0 p.m.•67 views

CVE-2011-0192

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file tha...

9.3CVSS7.2AI score0.05606EPSS

CVE•added 2010/07/30 1:26 p.m.•64 views

CVE-2010-1777

Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted itpc: URL.

9.3CVSS7.9AI score0.02843EPSS

CVE•added 2011/10/12 6:55 p.m.•61 views

CVE-2011-3219

Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.

9.3CVSS8.7AI score0.04261EPSS

CVE•added 2011/10/12 6:55 p.m.•60 views

CVE-2011-2352

7.6CVSS7.5AI score0.01016EPSS

CVE•added 2010/08/20 8:0 p.m.•58 views

CVE-2010-1795

Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory.

9.3CVSS6.4AI score0.0254EPSS

CVE•added 2011/10/12 6:55 p.m.•58 views

CVE-2011-2338

7.6CVSS7.5AI score0.01224EPSS

CVE•added 2011/10/12 6:55 p.m.•56 views

CVE-2011-3237

7.6CVSS7.5AI score0.01157EPSS

CVE•added 2013/05/20 2:44 p.m.•55 views

CVE-2013-0999

WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-0...

9.3CVSS7.5AI score0.01302EPSS

CVE•added 2011/10/12 6:55 p.m.•54 views

CVE-2011-2809

7.6CVSS7.5AI score0.01016EPSS

CVE•added 2011/03/03 8:0 p.m.•53 views

CVE-2011-0149

WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly parse HTML elements associated with document namespaces, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to a "dang...

7.6CVSS9.2AI score0.01709EPSS

CVE•added 2011/10/12 6:55 p.m.•53 views

CVE-2011-0259

CoreFoundation, as used in Apple iTunes before 10.5, does not properly perform string tokenization, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

7.6CVSS8.7AI score0.01392EPSS

CVE•added 2011/10/12 6:55 p.m.•53 views

CVE-2011-2339

7.6CVSS7.5AI score0.01198EPSS

CVE•added 2011/10/12 6:55 p.m.•53 views

CVE-2011-2341

7.6CVSS7.5AI score0.01224EPSS

CVE•added 2013/05/20 2:44 p.m.•53 views

CVE-2013-0994

6.8CVSS7.5AI score0.00819EPSS

CVE•added 2013/05/20 2:44 p.m.•53 views

CVE-2013-1003

9.3CVSS7.5AI score0.01302EPSS

CVE•added 2010/06/18 4:30 p.m.•52 views

CVE-2010-1769

WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a dif...

10CVSS8.4AI score0.08537EPSS

CVE•added 2011/03/03 8:0 p.m.•52 views

CVE-2011-0122

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011...

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•52 views

CVE-2011-0164

7.6CVSS9.1AI score0.00937EPSS

CVE•added 2011/10/12 6:55 p.m.•52 views

CVE-2011-2354

7.6CVSS7.5AI score0.01016EPSS

CVE•added 2011/10/12 6:55 p.m.•52 views

CVE-2011-2356

7.6CVSS7.5AI score0.01016EPSS

CVE•added 2011/10/12 6:55 p.m.•52 views

CVE-2011-2831

7.6CVSS7.5AI score0.01198EPSS

CVE•added 2012/09/13 10:30 a.m.•52 views

CVE-2012-3606

9.3CVSS7.8AI score0.01247EPSS

CVE•added 2012/09/13 10:30 a.m.•52 views

CVE-2012-3671

6.8CVSS7.8AI score0.01106EPSS

CVE•added 2013/05/20 2:44 p.m.•52 views

CVE-2013-0992

6.8CVSS7.5AI score0.20673EPSS

CVE•added 2013/05/20 2:44 p.m.•52 views

CVE-2013-1001

9.3CVSS7.5AI score0.01302EPSS

CVE•added 2011/03/03 8:0 p.m.•51 views

CVE-2011-0145

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2013/05/20 2:44 p.m.•51 views

CVE-2013-1004

9.3CVSS7.5AI score0.01302EPSS

CVE•added 2013/05/20 2:44 p.m.•51 views

CVE-2013-1005

9.3CVSS7.5AI score0.01302EPSS

CVE•added 2011/03/03 8:0 p.m.•50 views

CVE-2011-0130

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2012/03/08 10:55 p.m.•50 views

CVE-2011-2866

WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.

7.6CVSS7.5AI score0.01224EPSS

CVE•added 2011/10/12 6:55 p.m.•50 views

CVE-2011-3239

7.6CVSS7.5AI score0.01363EPSS

CVE•added 2012/09/13 10:30 a.m.•50 views

CVE-2012-3598

6.8CVSS7.8AI score0.01106EPSS

CVE•added 2012/09/13 10:30 a.m.•50 views

CVE-2012-3652

6.8CVSS7.8AI score0.01106EPSS

CVE•added 2012/09/13 10:30 a.m.•50 views

CVE-2012-3704

6.8CVSS7.8AI score0.00952EPSS

CVE•added 2012/09/13 10:30 a.m.•50 views

CVE-2012-3711

6.8CVSS7.8AI score0.01555EPSS

CVE•added 2013/05/20 2:44 p.m.•50 views

CVE-2013-1002

9.3CVSS7.5AI score0.01302EPSS

CVE•added 2013/05/20 2:44 p.m.•50 views

CVE-2013-1008

9.3CVSS7.5AI score0.01302EPSS

CVE•added 2010/06/18 4:30 p.m.•49 views

CVE-2010-1763

Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1387 and CVE-2010-1769.

10CVSS8AI score0.08537EPSS

CVE•added 2011/03/03 8:0 p.m.•49 views

CVE-2011-0117

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•49 views

CVE-2011-0120

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•49 views

CVE-2011-0121

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•49 views

CVE-2011-0125

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/03/03 8:0 p.m.•49 views

CVE-2011-0132

Use-after-free vulnerability in the Runin box functionality in the Cascading Style Sheets (CSS) 2.1 Visual Formatting Model implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of se...

7.6CVSS9.2AI score0.01045EPSS

CVE•added 2011/03/03 8:0 p.m.•49 views

CVE-2011-0146

7.6CVSS9.2AI score0.00937EPSS

CVE•added 2011/10/12 6:55 p.m.•49 views

CVE-2011-2820

7.6CVSS7.5AI score0.01198EPSS

CVE•added 2012/03/08 10:55 p.m.•49 views

CVE-2012-0637

7.6CVSS7.5AI score0.00861EPSS

CVE•added 2012/09/13 10:30 a.m.•49 views

CVE-2012-3632