5.8
CVE-2014-1242
- EPSS 1.02%
- Veröffentlicht 23.01.2014 19:55:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
Apple iTunes before 11.1.4 uses HTTP for the iTunes Tutorials window, which allows man-in-the-middle attackers to spoof content by gaining control over the client-server data stream.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.02% | 0.588 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:P
|
http://support.apple.com/kb/HT6001
http://osvdb.org/102410
http://www.securityfocus.com/bid/65088
http://www.securitytracker.com/id/1029671
https://exchange.xforce.ibmcloud.com/vulnerabilities/90653