Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:apple:itunes:4.5:*:windows:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-3621 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:19 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2012-3617 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:19 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-3616 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:19 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-3614 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:19 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-3613 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:19 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-3612 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:19 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-3607 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:19 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2012-3606 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:19 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2012-3602 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:19 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-3601 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:19 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-3598 |
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. Published: September 13, 2012; 6:30:18 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2010-1769 |
WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a different vulnerability than CVE-2010-1387 and CVE-2010-1763. Published: June 18, 2010; 12:30:01 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2010-1763 |
Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1387 and CVE-2010-1769. Published: June 18, 2010; 12:30:01 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2010-0532 |
Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse. Published: March 31, 2010; 2:30:00 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2010-0531 |
Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file. Published: March 31, 2010; 2:30:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-2817 |
Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file. Published: September 24, 2009; 2:30:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-0950 |
Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon. Published: June 02, 2009; 2:30:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2009-0016 |
Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite loop) via a Digital Audio Access Protocol (DAAP) message with a crafted Content-Length header. Published: March 14, 2009; 2:30:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2008-3636 |
Integer overflow in the IopfCompleteRequest API in the kernel in Microsoft Windows 2000, XP, Server 2003, and Vista allows context-dependent attackers to gain privileges. NOTE: this issue was originally reported for GEARAspiWDM.sys 2.0.7.5 in Gear Software CD DVD Filter driver before 4.001.7, as used in other products including Apple iTunes and multiple Symantec and Norton products, which allows local users to gain privileges via repeated IoAttachDevice IOCTL calls to \\.\GEARAspiWDMDevice in this GEARAspiWDM.sys. However, the root cause is the integer overflow in the API call itself. Published: September 10, 2008; 9:13:10 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |