Apple

iTunes

922 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2010-1387

  • EPSS 8.54%
  • Veröffentlicht 18.06.2010 16:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) vi...

10

CVE-2010-1763

  • EPSS 0.76%
  • Veröffentlicht 18.06.2010 16:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1387 and CVE-2010-1769.

10

CVE-2010-1769

  • EPSS 5.53%
  • Veröffentlicht 18.06.2010 16:30:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (appl...

4.3

CVE-2010-0531

  • EPSS 0.48%
  • Veröffentlicht 31.03.2010 18:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file.

6.9

CVE-2010-0532

  • EPSS 0.03%
  • Veröffentlicht 31.03.2010 18:30:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse.

9.3

CVE-2009-2817

  • EPSS 19.85%
  • Veröffentlicht 24.09.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file.

9.3

CVE-2009-0950

  • EPSS 82.11%
  • Veröffentlicht 02.06.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon.

5

CVE-2009-0016

  • EPSS 1.44%
  • Veröffentlicht 14.03.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite loop) via a Digital Audio Access Protocol (DAAP) message with a crafted Content-Length header.

4.3

CVE-2009-0143

  • EPSS 0.71%
  • Veröffentlicht 14.03.2009 18:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Apple iTunes before 8.1 does not properly inform the user about the origin of an authentication request, which makes it easier for remote podcast servers to trick a user into providing a username and password when subscribing to a crafted podcast.

9.3

CVE-2008-5406

  • EPSS 6.12%
  • Veröffentlicht 10.12.2008 06:44:42
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Stack-based buffer overflow in Apple QuickTime Player 7.5.5 and iTunes 8.0.2.20 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a MOV file with "long arguments," related to an "off by o...