This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:apple:itunes:8.0.2
Detail
VendorAppleFirst view 2009-06-02
ProductItunesLast view2016-09-25
Version8.0.2TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:apple:itunes

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
6.82016-09-25CVE-2016-4769NetworkMediumNone Requ...
6.82016-09-25CVE-2016-4768NetworkMediumNone Requ...
6.82016-09-25CVE-2016-4767NetworkMediumNone Requ...
6.82016-09-25CVE-2016-4766NetworkMediumNone Requ...
6.82016-09-25CVE-2016-4765NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.92016-09-25CVE-2016-4763NetworkMediumRequires ...
4.32016-09-25CVE-2016-4760NetworkMediumNone Requ...
6.82016-09-25CVE-2016-4759NetworkMediumNone Requ...
4.32016-09-25CVE-2016-4758NetworkMediumNone Requ...
6.82016-09-25CVE-2016-4728NetworkMediumNone Requ...
102016-06-09CVE-2016-4448NetworkLowNone Requ...
7.22016-05-20CVE-2016-1742LocalLowNone Requ...
7.52015-10-23CVE-2015-7017NetworkLowNone Requ...
6.82015-10-23CVE-2015-7014NetworkMediumNone Requ...
6.82015-10-23CVE-2015-7013NetworkMediumNone Requ...
6.82015-10-23CVE-2015-7012NetworkMediumNone Requ...
6.82015-10-23CVE-2015-7011NetworkMediumNone Requ...
6.82015-10-23CVE-2015-7002NetworkMediumNone Requ...
7.52015-10-23CVE-2015-6992NetworkLowNone Requ...
7.52015-10-23CVE-2015-6975NetworkLowNone Requ...
6.82015-10-23CVE-2015-5931NetworkMediumNone Requ...
6.82015-10-23CVE-2015-5930NetworkMediumNone Requ...
6.82015-10-23CVE-2015-5929NetworkMediumNone Requ...
6.82015-10-23CVE-2015-5928NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
79% (233)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
16% (48)CWE-399Resource Management Errors
1% (3)CWE-20Improper Input Validation
0% (2)CWE-310Cryptographic Issues
0% (2)CWE-264Permissions, Privileges, and Access Controls
Hide | Show 5 More...
%idName
0% (1)CWE-416Use After Free
0% (1)CWE-362Race Condition
0% (1)CWE-284Access Control (Authorization) Issues
0% (1)CWE-200Information Exposure
0% (1)CWE-17Code

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:16788WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17299WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17272WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execu...
oval:org.mitre.oval:def:17605Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which...
oval:org.mitre.oval:def:17280WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:16916WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17187WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attac...
oval:org.mitre.oval:def:24426WebKit vulnerability in Apple Safari, this issue was addressed through improv...
oval:org.mitre.oval:def:16974WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote...
oval:org.mitre.oval:def:17601WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attac...
oval:org.mitre.oval:def:24296WebKit vulnerability in Apple Safari, this issue was addressed through improv...
oval:org.mitre.oval:def:18997The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attacker...
oval:org.mitre.oval:def:17169WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote...
oval:org.mitre.oval:def:17094WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17572WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attac...
oval:org.mitre.oval:def:24271WebKit vulnerability in Apple Safari, this issue was addressed through improv...
oval:org.mitre.oval:def:17546WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execu...
oval:org.mitre.oval:def:17334WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote...
oval:org.mitre.oval:def:17394WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17384WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execu...
oval:org.mitre.oval:def:16919CoreFoundation, as used in Apple iTunes before 10.5, does not properly perfor...
oval:org.mitre.oval:def:17133WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attacke...
oval:org.mitre.oval:def:17191WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17458WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote...
oval:org.mitre.oval:def:17099Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attacker...

SAINT Exploits

DescriptionLink
Apple iTunes itms: URL buffer overflowMore info here
iTunes m3u Playlist OverflowMore info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
76387Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3241)
76386Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3239)
76385Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-2811)
76384Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3238)
76383Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3233)
Hide | Show 20 More...
idDescription
76382Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-2815)
76381Apple iTunes CoreAudio Audio Stream Handling Overflow
76374Apple Mac OS X QuickTime H.264 Movie File Handling Overflow
76352Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76351Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76350Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76349Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76348Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76347Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76346Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76345Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76344Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76343Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76342Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76341Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76340Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76339Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76338Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76337Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76336Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...

Milw0rm Exploits

idDescription
2009-06-12Apple iTunes 8.1.1.10 (itms/itcp) Remote Buffer Overflow Exploit (win)
2009-06-03Apple iTunes 8.1.1 (ITMS) Multiple Protocol Handler BOF Exploit (meta)

ExploitDB Exploits

idDescription
19322Apple iTunes <= 10.6.1.7 Extended m3u Stack Buffer Overflow
19098Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow
11491iTunes 9.0.1 .pls File Handling Buffer Overflow
11138Apple iTunes 8.1.x (daap) Buffer overflow remote exploit (CVE-2009-0950)
8934Apple iTunes 8.1.1.10 (itms/itcp) Remote Buffer Overflow Exploit (win)
Hide | Show 1 More...
idDescription
8861Apple iTunes 8.1.1 (ITMS) Multiple Protocol Handler BOF Exploit (meta)

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-10-26Name : Ubuntu Update for webkit USN-1617-1
File : nvt/gb_ubuntu_USN_1617_1.nasl
2012-10-01Name : Apple Safari Multiple Vulnerabilities - Oct 2012 (Mac OS X)
File : nvt/gb_apple_safari_mult_vuln_oct12_macosx.nasl
2012-09-26Name : Gentoo Security Advisory GLSA 201209-02 (tiff)
File : nvt/glsa_201209_02.nasl
2012-09-17Name : Apple iTunes Multiple Vulnerabilities - Sep 12 (Windows)
File : nvt/gb_apple_itunes_mult_vuln_sep12_win.nasl
2012-07-30Name : CentOS Update for libtiff CESA-2011:0318 centos5 x86_64
File : nvt/gb_CESA-2011_0318_libtiff_centos5_x86_64.nasl
Hide | Show 20 More...
idDescription
2012-07-30Name : CentOS Update for libtiff CESA-2011:0392 centos5 x86_64
File : nvt/gb_CESA-2011_0392_libtiff_centos5_x86_64.nasl
2012-06-12Name : Apple iTunes '.m3u' Playlist Code Execution Vulnerability (Mac OS X)
File : nvt/gb_apple_itunes_playlist_code_exec_vuln_macosx.nasl
2012-06-12Name : Apple iTunes '.m3u' Playlist Code Execution Vulnerabilities (Win)
File : nvt/gb_apple_itunes_playlist_code_exec_vuln_win.nasl
2012-05-24Name : Apple Safari Multiple Vulnerabilities - Oct 2011 (Windows)
File : nvt/secpod_apple_safari_mult_vuln_win_oct11.nasl
2012-03-20Name : Apple iTunes Multiple Vulnerabilities - Mar12 (Win)
File : nvt/gb_apple_itunes_mult_vuln_mar12_win.nasl
2012-03-13Name : Apple Safari Webkit Multiple Vulnerabilities - March12 (Mac OS X)
File : nvt/gb_apple_safari_webkit_mult_vuln_mar12_macosx.nasl
2012-03-13Name : Apple Safari Webkit Multiple Vulnerabilities - March12 (Win)
File : nvt/gb_apple_safari_webkit_mult_vuln_mar12_win.nasl
2012-02-06Name : Mac OS X Multiple Vulnerabilities (2012-001)
File : nvt/gb_macosx_su12-001.nasl
2011-11-03Name : Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)
File : nvt/gb_apple_quicktime_mult_dos_vuln_win_nov11.nasl
2011-10-20Name : Apple iTunes Multiple Vulnerabilities - Oct 11
File : nvt/gb_apple_itunes_mult_vuln_oct11_win.nasl
2011-10-20Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)
File : nvt/gb_macosx_su11-006.nasl
2011-10-20Name : Apple MAC OS X v10.6.8 Safari Multiple Vulnerabilities
File : nvt/gb_safari_mult_vuln_macosx.nasl
2011-08-26Name : Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)
File : nvt/secpod_macosx_su11-001.nasl
2011-08-26Name : Apple iTunes Multiple Vulnerabilities (Mac OS X)
File : nvt/secpod_itunes_mult_vuln_macosx.nasl
2011-08-12Name : Apple Safari Multiple Vulnerabilities - March 2011 (Mac OS X)
File : nvt/gb_apple_safari_mult_vuln_mar11_macosx.nasl
2011-08-09Name : CentOS Update for libtiff CESA-2011:0318 centos5 i386
File : nvt/gb_CESA-2011_0318_libtiff_centos5_i386.nasl
2011-08-09Name : CentOS Update for libtiff CESA-2011:0392 centos5 i386
File : nvt/gb_CESA-2011_0392_libtiff_centos5_i386.nasl
2011-05-12Name : Debian Security Advisory DSA 2210-1 (tiff)
File : nvt/deb_2210_1.nasl
2011-05-06Name : SuSE Update for kernel SUSE-SA:2011:020
File : nvt/gb_suse_2011_020.nasl
2011-04-22Name : Fedora Update for libtiff FEDORA-2011-5304
File : nvt/gb_fedora_2011_5304_libtiff_fc14.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0222Multiple Security Vulnerabilities in Apple iOS
Severity : Category I - VMSKEY : V0061471
2015-A-0199Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2016-04-05Apple iTunes PLS file parsing buffer overflow attempt
RuleID : 37959 - Type : FILE-MULTIMEDIA - Revision : 1
2015-02-11Apple iTunes Extended M3U playlist record overflow attempt
RuleID : 33042 - Type : FILE-MULTIMEDIA - Revision : 2
2015-02-11Apple iTunes Extended M3U playlist record overflow attempt
RuleID : 33041 - Type : FILE-MULTIMEDIA - Revision : 1
2014-01-10Gong Da exploit kit possible jar download
RuleID : 27706 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10Gong Da exploit kit Java exploit requested
RuleID : 27705 - Type : EXPLOIT-KIT - Revision : 3
Hide | Show 20 More...
DateDescription
2014-01-10Gong Da exploit kit Java exploit requested
RuleID : 27704 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10Gong Da exploit kit plugin detection
RuleID : 27703 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10Gong Da exploit kit landing page
RuleID : 27702 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10Gong Da Jar file download
RuleID : 27701 - Type : EXPLOIT-KIT - Revision : 2
2014-01-10Sweet Orange exploit kit landing page in.php base64 uri
RuleID : 26834-community - Type : EXPLOIT-KIT - Revision : 5
2014-01-10Sweet Orange exploit kit landing page in.php base64 uri
RuleID : 26834 - Type : EXPLOIT-KIT - Revision : 5
2014-01-10Sweet Orange exploit kit landing page
RuleID : 26804 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10Sweet Orange exploit kit landing page
RuleID : 26233 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10Sweet Orange exploit kit landing page
RuleID : 26232 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10Sweet Orange exploit kit landing page
RuleID : 26094 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10Gong Da exploit kit redirection page received
RuleID : 26013 - Type : EXPLOIT-KIT - Revision : 4
2014-01-10Apple Safari Webkit css title memory corruption attempt
RuleID : 25040 - Type : BROWSER-WEBKIT - Revision : 2
2014-01-10Apple Safari Webkit css title memory corruption attempt
RuleID : 25039 - Type : BROWSER-WEBKIT - Revision : 2
2014-01-10Apple Safari Webkit css title memory corruption attempt
RuleID : 25038 - Type : BROWSER-WEBKIT - Revision : 6
2014-01-10Apple Safari Webkit css title memory corruption attempt
RuleID : 25037 - Type : BROWSER-WEBKIT - Revision : 6
2014-01-10Apple Safari WebKit form elements virtual function DoS attempt
RuleID : 25036 - Type : BROWSER-WEBKIT - Revision : 6
2014-01-10Apple iTunes Extended M3U playlist record overflow attempt
RuleID : 23588 - Type : FILE-MULTIMEDIA - Revision : 6
2014-01-10Apple iTunes Extended M3U playlist record overflow attempt
RuleID : 23587 - Type : FILE-MULTIMEDIA - Revision : 6
2014-01-10Apple iTunes Extended M3U playlist record overflow attempt
RuleID : 23272 - Type : FILE-MULTIMEDIA - Revision : 8
2014-01-10Apple iTunes Extended M3U playlist record overflow attempt
RuleID : 23271 - Type : FILE-MULTIMEDIA - Revision : 13

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2016-11-18Name : An application running on the remote host is affected by multiple vulnerabili...
File : itunes_12_5_1_banner.nasl - Type : ACT_GATHER_INFO
2016-11-16Name : The remote host contains an application that is affected by multiple vulnerab...
File : itunes_12_5_1.nasl - Type : ACT_GATHER_INFO
2016-09-28Name : The remote Apple TV device is affected by multiple vulnerabilities.
File : appletv_10.nasl - Type : ACT_GATHER_INFO
2016-09-26Name : A web browser installed on the remote host is affected by multiple vulnerabil...
File : macosx_Safari10_0.nasl - Type : ACT_GATHER_INFO
2016-08-29Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-1604-1.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2016-07-21Name : The remote device is affected by multiple vulnerabilities.
File : appletv_9_2_2.nasl - Type : ACT_GATHER_INFO
2016-07-21Name : The remote host is missing a Mac OS X security update that fixes multiple vul...
File : macosx_10_11_6.nasl - Type : ACT_GATHER_INFO
2016-07-21Name : The remote host is missing a Mac OS X update that fixes multiple vulnerabilit...
File : macosx_SecUpd2016-004.nasl - Type : ACT_GATHER_INFO
2016-07-19Name : The remote host contains an application that is affected by multiple vulnerab...
File : itunes_12_4_2.nasl - Type : ACT_GATHER_INFO
2016-07-19Name : The remote host is running an application that is affected by multiple vulner...
File : itunes_12_4_2_banner.nasl - Type : ACT_GATHER_INFO
2016-07-15Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2016-719.nasl - Type : ACT_GATHER_INFO
2016-06-24Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2016-1292.nasl - Type : ACT_GATHER_INFO
2016-06-24Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2016-1292.nasl - Type : ACT_GATHER_INFO
2016-06-24Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2016-0087.nasl - Type : ACT_GATHER_INFO
2016-06-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2016-1292.nasl - Type : ACT_GATHER_INFO
2016-06-24Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20160623_libxml2_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2016-06-17Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-733.nasl - Type : ACT_GATHER_INFO
2016-06-17Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-1538-1.nasl - Type : ACT_GATHER_INFO
2016-05-31Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2016-148-01.nasl - Type : ACT_GATHER_INFO
2016-05-27Name : The remote host contains an application that is affected by a DLL injection v...
File : itunes_12_4.nasl - Type : ACT_GATHER_INFO
2016-05-27Name : The remote host is running an application that is affected by a DLL injection...
File : itunes_12_4_banner.nasl - Type : ACT_GATHER_INFO
2016-04-04Name : The remote device is affected by multiple vulnerabilities.
File : appletv_7_2_1.nasl - Type : ACT_GATHER_INFO
2016-04-01Name : The remote Fedora host is missing a security update.
File : fedora_2016-9ec1850fff.nasl - Type : ACT_GATHER_INFO
2016-04-01Name : The remote openSUSE host is missing a security update.
File : openSUSE-2016-412.nasl - Type : ACT_GATHER_INFO
2016-03-28Name : The remote Fedora host is missing a security update.
File : fedora_2016-a4fcb02d6b.nasl - Type : ACT_GATHER_INFO