U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:apple:itunes:7.3.1:-:windows:*:*:*:*:*
There are 59 matching records.
Displaying matches 41 through 59.
Vuln ID Summary CVSS Severity
CVE-2012-3621

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:19 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-3617

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:19 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-3616

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:19 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-3614

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:19 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-3613

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:19 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-3612

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:19 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-3607

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:19 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-3606

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:19 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-3602

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:19 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-3601

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:19 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-3598

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.

Published: September 13, 2012; 6:30:18 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2010-1795

Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory.

Published: August 20, 2010; 4:00:02 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-1769

WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a different vulnerability than CVE-2010-1387 and CVE-2010-1763.

Published: June 18, 2010; 12:30:01 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2010-1763

Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1387 and CVE-2010-1769.

Published: June 18, 2010; 12:30:01 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2010-0532

Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse.

Published: March 31, 2010; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2010-0531

Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file.

Published: March 31, 2010; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2009-2817

Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file.

Published: September 24, 2009; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0950

Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon.

Published: June 02, 2009; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0016

Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite loop) via a Digital Audio Access Protocol (DAAP) message with a crafted Content-Length header.

Published: March 14, 2009; 2:30:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM