This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Apple First view 2005-05-02
Product Itunes Last view 2020-06-09
Version Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:* 611
cpe:2.3:a:apple:itunes:4.7:*:*:*:*:*:*:* 611
cpe:2.3:a:apple:itunes:4.6:*:*:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:4.5:*:*:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:4.7.1.30:*:*:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:4.2.72:*:*:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:2.0.4:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:1.1.1:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:4.0.1:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:3.0.0:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:2.0.1:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:5.0.1:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:4.7.1:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:4.9.0:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:5.0.0:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:4.2.0:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:4.7.0:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:6.0.4:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:4.0.0:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:1.0:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:6.0.2:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:4.1.0:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:2.0.0:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:2.0.3:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:6.0.0:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:6.0.3:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:4.8.0:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:4.5.0:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:4.6.0:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:3.0.1:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:2.0.2:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:1.1.2:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:6.0.1:-:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:5.0:*:windows:*:*:*:*:* 610
cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:* 609
cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:* 609
cpe:2.3:a:apple:itunes:4.7.2:*:*:*:*:*:*:* 609
cpe:2.3:a:apple:itunes:6.0.0:*:*:*:*:*:*:* 609
cpe:2.3:a:apple:itunes:4.2.0:*:*:*:*:*:*:* 609
cpe:2.3:a:apple:itunes:4.5.0:*:*:*:*:*:*:* 609
cpe:2.3:a:apple:itunes:4.8.0:*:*:*:*:*:*:* 609
cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:* 609
cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:* 609
cpe:2.3:a:apple:itunes:4.6.0:*:*:*:*:*:*:* 609
cpe:2.3:a:apple:itunes:4.7.0:*:*:*:*:*:*:* 609
cpe:2.3:a:apple:itunes:4.0.0:*:*:*:*:*:*:* 609
cpe:2.3:a:apple:itunes:5.0:*:*:*:*:*:*:* 609
cpe:2.3:a:apple:itunes:4.1.0:*:*:*:*:*:*:* 609

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
9.8 2020-06-09 CVE-2020-9850

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution.

7.1 2020-06-09 CVE-2020-9843

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack.

8.8 2020-06-09 CVE-2020-9807

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8 2020-06-09 CVE-2020-9806

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

7.1 2020-06-09 CVE-2020-9805

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.

8.8 2020-06-09 CVE-2020-9803

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8 2020-06-09 CVE-2020-9802

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8 2020-06-09 CVE-2020-9800

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.

8.1 2020-06-09 CVE-2020-9794

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A malicious application may cause a denial of service or potentially disclose memory contents.

8.8 2020-06-09 CVE-2020-9790

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution.

8.8 2020-06-09 CVE-2020-9789

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution.

8.8 2020-04-01 CVE-2020-9783

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to code execution.

9.8 2020-04-01 CVE-2020-3911

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.

9.8 2020-04-01 CVE-2020-3910

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.

9.8 2020-04-01 CVE-2020-3909

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.

6.1 2020-04-01 CVE-2020-3902

An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.

8.8 2020-04-01 CVE-2020-3901

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8 2020-04-01 CVE-2020-3900

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.

8.8 2020-04-01 CVE-2020-3899

A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.

8.8 2020-04-01 CVE-2020-3897

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.

8.8 2020-04-01 CVE-2020-3895

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.

3.1 2020-04-01 CVE-2020-3894

A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory.

4.3 2020-04-01 CVE-2020-3887

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A download's origin may be incorrectly associated.

4.3 2020-04-01 CVE-2020-3885

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed.

7.5 2020-02-28 CVE-2019-8741

A denial of service issue was addressed with improved input validation.

CWE : Common Weakness Enumeration

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
57% (312) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
12% (68) CWE-416 Use After Free
7% (43) CWE-399 Resource Management Errors
6% (38) CWE-787 Out-of-bounds Write
2% (13) CWE-20 Improper Input Validation
2% (11) CWE-125 Out-of-bounds Read
2% (11) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (10) CWE-200 Information Exposure
1% (6) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
0% (4) CWE-264 Permissions, Privileges, and Access Controls
0% (3) CWE-704 Incorrect Type Conversion or Cast
0% (3) CWE-189 Numeric Errors
0% (2) CWE-362 Race Condition
0% (2) CWE-310 Cryptographic Issues
0% (2) CWE-190 Integer Overflow or Wraparound
0% (1) CWE-670 Always-Incorrect Control Flow Implementation
0% (1) CWE-552 Files or Directories Accessible to External Parties
0% (1) CWE-426 Untrusted Search Path
0% (1) CWE-415 Double Free
0% (1) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
0% (1) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
0% (1) CWE-346 Origin Validation Error
0% (1) CWE-284 Access Control (Authorization) Issues
0% (1) CWE-134 Uncontrolled Format String
0% (1) CWE-129 Improper Validation of Array Index

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-38 Leveraging/Manipulating Configuration File Search Paths

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:17304 Buffer overflow in Apple iTunes before 4.8 allows remote attackers to execute...
oval:org.mitre.oval:def:16978 Apple iTunes 7.0.2 allows user-assisted remote attackers to cause a denial of...
oval:org.mitre.oval:def:17303 Heap-based buffer overflow in Apple iTunes before 7.4 allows remote attackers...
oval:org.mitre.oval:def:17136 Apple iTunes before 10.5.1 does not properly verify the authenticity of updat...
oval:org.mitre.oval:def:6035 Apple iTunes Local Privilege Escalation Vulnerability
oval:org.mitre.oval:def:7995 Apple iTunes Filetype Remote Off-By-One Stack Buffer Overflow Vulnerability
oval:org.mitre.oval:def:6113 Apple iTunes Filetype Remote Off-By-One Stack Buffer Overflow Vulnerability
oval:org.mitre.oval:def:5936 Apple QuickTime Filetype Remote Off-By-One Stack Buffer Overflow Vulnerability
oval:org.mitre.oval:def:6001 Apple iTunes Denial of Service Vulnerability
oval:org.mitre.oval:def:5336 Apple iTunes Information Disclosure Vulnerability
oval:org.mitre.oval:def:17099 Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attacker...
oval:org.mitre.oval:def:6290 Apple iTunes '.pls' File Buffer Overflow Vulnerability
oval:org.mitre.oval:def:7427 Apple iTunes MP4 File Processing Denial of Service Vulnerability
oval:org.mitre.oval:def:7110 Apple iTunes Install or Update Privilege Escalation Vulnerability
oval:org.mitre.oval:def:7061 Apple iTunes JavaScriptCore Page Transitions Denial Of Service Vulnerability
oval:org.mitre.oval:def:7221 Apple iTunes Webkit Unspecified Vulnerability
oval:org.mitre.oval:def:7178 Apple iTunes Crafted itpc: URL Buffer Overflow Vulnerability
oval:org.mitre.oval:def:11851 Mozilla Firefox/Thunderbird/SeaMonkey 'libpng' Buffer Overflow Vulnerability
oval:org.mitre.oval:def:22383 RHSA-2010:0534: libpng security update (Important)
oval:org.mitre.oval:def:13405 USN-960-1 -- libpng vulnerabilities
oval:org.mitre.oval:def:13338 DSA-2072-1 libpng -- several
oval:org.mitre.oval:def:11512 DSA-2072 libpng -- several vulnerabilities
oval:org.mitre.oval:def:23184 ELSA-2010:0534: libpng security update (Important)
oval:org.mitre.oval:def:6988 Apple iTunes Crafted itpc: URL Buffer Overflow Vulnerability
oval:org.mitre.oval:def:7604 Apple iTunes Log File Insecure File Operation Local Privilege Escalation Vuln...

SAINT Exploits

Description Link
Apple iTunes itms: URL buffer overflow More info here
iTunes m3u Playlist Overflow More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
78547 Google Chrome Tree Builder Remote Overflow
78544 Google Chrome Use-after-free DOM Selections Unspecified Remote DoS
77715 Google Chrome Range Handling Use-after-free Remote Code Execution
77711 Google Chrome CSS Property Array Unspecified Remote Memory Corruption
77710 Google Chrome SVG Parsing Out-of-bounds Read Remote DoS
77037 Google Chrome Editing Unspecified Use-after-free Remote Issue
76559 Google Chrome Use-after-free Plug-ins and Editing Remote Code Execution
76556 Google Chrome Multiple Use-after-free Stale Style Sheet Handling Remote Code ...
76387 Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3241)
76386 Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3239)
76385 Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-2811)
76384 Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3238)
76383 Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3233)
76382 Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-2815)
76381 Apple iTunes CoreAudio Audio Stream Handling Overflow
76374 Apple Mac OS X QuickTime H.264 Movie File Handling Overflow
76352 Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76351 Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76350 Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76349 Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76348 Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76347 Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76346 Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76345 Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76344 Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...

ExploitDB Exploits

id Description
19322 Apple iTunes <= 10.6.1.7 Extended m3u Stack Buffer Overflow
19098 Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow
14422 libpng <= 1.4.2 Denial of Service Vulnerability
11491 iTunes 9.0.1 .pls File Handling Buffer Overflow
11138 Apple iTunes 8.1.x (daap) Buffer overflow remote exploit (CVE-2009-0950)
8934 Apple iTunes 8.1.1.10 (itms/itcp) Remote Buffer Overflow Exploit (win)
8861 Apple iTunes 8.1.1 (ITMS) Multiple Protocol Handler BOF Exploit (meta)

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-12-13 Name : SuSE Update for update openSUSE-SU-2012:0374-1 (update)
File : nvt/gb_suse_2012_0374_1.nasl
2012-12-13 Name : SuSE Update for update openSUSE-SU-2012:0466-1 (update)
File : nvt/gb_suse_2012_0466_1.nasl
2012-10-26 Name : Ubuntu Update for webkit USN-1617-1
File : nvt/gb_ubuntu_USN_1617_1.nasl
2012-10-01 Name : Apple Safari Multiple Vulnerabilities - Oct 2012 (Mac OS X)
File : nvt/gb_apple_safari_mult_vuln_oct12_macosx.nasl
2012-09-26 Name : Gentoo Security Advisory GLSA 201209-02 (tiff)
File : nvt/glsa_201209_02.nasl
2012-09-17 Name : Apple iTunes Multiple Vulnerabilities - Sep 12 (Windows)
File : nvt/gb_apple_itunes_mult_vuln_sep12_win.nasl
2012-08-09 Name : Ubuntu Update for webkit USN-1524-1
File : nvt/gb_ubuntu_USN_1524_1.nasl
2012-08-01 Name : Apple Safari Multiple Vulnerabilities - Aug 2012 (Windows)
File : nvt/gb_apple_safari_mult_vuln_aug12_win.nasl
2012-07-30 Name : CentOS Update for libtiff CESA-2011:0318 centos5 x86_64
File : nvt/gb_CESA-2011_0318_libtiff_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for libtiff CESA-2011:0392 centos5 x86_64
File : nvt/gb_CESA-2011_0392_libtiff_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for libxml2 CESA-2012:0017 centos5
File : nvt/gb_CESA-2012_0017_libxml2_centos5.nasl
2012-07-30 Name : Apple Safari Multiple Vulnerabilities - July 2012 (Mac OS X)
File : nvt/gb_apple_safari_mult_vuln_jul12_macosx.nasl
2012-07-13 Name : VMSA-2012-0012 VMware ESXi update addresses several security issues.
File : nvt/gb_VMSA-2012-0012.nasl
2012-07-09 Name : RedHat Update for libxml2 RHSA-2011:1749-03
File : nvt/gb_RHSA-2011_1749-03_libxml2.nasl
2012-06-12 Name : Apple iTunes '.m3u' Playlist Code Execution Vulnerability (Mac OS X)
File : nvt/gb_apple_itunes_playlist_code_exec_vuln_macosx.nasl
2012-06-12 Name : Apple iTunes '.m3u' Playlist Code Execution Vulnerabilities (Win)
File : nvt/gb_apple_itunes_playlist_code_exec_vuln_win.nasl
2012-05-31 Name : FreeBSD Ports: chromium
File : nvt/freebsd_chromium13.nasl
2012-05-31 Name : Gentoo Security Advisory GLSA 201205-01 (chromium)
File : nvt/glsa_201205_01.nasl
2012-05-24 Name : Apple Safari Multiple Vulnerabilities - Oct 2011 (Windows)
File : nvt/secpod_apple_safari_mult_vuln_win_oct11.nasl
2012-05-07 Name : Google Chrome Multiple Denial of Service Vulnerabilities - May 12 (Linux)
File : nvt/gb_google_chrome_mult_dos_vuln_may12_lin.nasl
2012-05-07 Name : Google Chrome Multiple Denial of Service Vulnerabilities - May 12 (Mac OS X)
File : nvt/gb_google_chrome_mult_dos_vuln_may12_macosx.nasl
2012-05-07 Name : Google Chrome Multiple Denial of Service Vulnerabilities - May 12 (Windows)
File : nvt/gb_google_chrome_mult_dos_vuln_may12_win.nasl
2012-04-30 Name : FreeBSD Ports: chromium
File : nvt/freebsd_chromium10.nasl
2012-04-30 Name : FreeBSD Ports: chromium
File : nvt/freebsd_chromium8.nasl
2012-04-30 Name : FreeBSD Ports: chromium
File : nvt/freebsd_chromium9.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0222 Multiple Security Vulnerabilities in Apple iOS
Severity: Category I - VMSKEY: V0061471
2015-A-0199 Multiple Vulnerabilities in Apple Mac OS X
Severity: Category I - VMSKEY: V0061337
2014-B-0024 Multiple Security Vulnerabilities in Apple iOS
Severity: Category I - VMSKEY: V0046157
2012-A-0153 Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0
Severity: Category I - VMSKEY: V0033884
2012-A-0073 Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity: Category I - VMSKEY: V0032171
2011-B-0046 Remote Code Execution Vulnerability in Microsoft Foundation Class (MFC) Library
Severity: Category II - VMSKEY: V0026512

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Apple QuickTime fpx file SectNumMiniFAT overflow attempt
RuleID : 6505 - Type : FILE-IMAGE - Revision : 14
2020-09-02 WebKit JIT compiler common subexpression elimination out of bounds access att...
RuleID : 54666 - Type : BROWSER-WEBKIT - Revision : 2
2020-09-02 WebKit JIT compiler common subexpression elimination out of bounds access att...
RuleID : 54665 - Type : BROWSER-WEBKIT - Revision : 2
2020-04-21 Apple Safari WebKit JavaScript engine type confusion attempt
RuleID : 53474 - Type : BROWSER-WEBKIT - Revision : 1
2020-04-21 Apple Safari WebKit JavaScript engine type confusion attempt
RuleID : 53473 - Type : BROWSER-WEBKIT - Revision : 1
2020-03-19 Apple Safari WebKit cached page memory corruption attempt
RuleID : 53122 - Type : BROWSER-WEBKIT - Revision : 1
2020-03-19 Apple Safari WebKit cached page memory corruption attempt
RuleID : 53121 - Type : BROWSER-WEBKIT - Revision : 1
2020-02-13 Apple Safari Webkit css title memory corruption attempt
RuleID : 52598 - Type : BROWSER-WEBKIT - Revision : 1
2020-02-13 Apple Safari Webkit css title memory corruption attempt
RuleID : 52597 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-03 Apple Safari WebKit out-of-bounds read attempt
RuleID : 52342 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-03 Apple Safari WebKit out-of-bounds read attempt
RuleID : 52341 - Type : BROWSER-WEBKIT - Revision : 1
2019-12-24 Mutiple products libpng extra row heap overflow attempt
RuleID : 52307 - Type : FILE-IMAGE - Revision : 1
2019-12-24 Mutiple products libpng extra row heap overflow attempt
RuleID : 52306 - Type : FILE-IMAGE - Revision : 1
2019-11-15 WebKit JavaScriptCore emitEqualityOpImpl memory corruption attempt
RuleID : 51832 - Type : BROWSER-WEBKIT - Revision : 1
2019-11-15 WebKit JavaScriptCore emitEqualityOpImpl memory corruption attempt
RuleID : 51831 - Type : BROWSER-WEBKIT - Revision : 1
2019-11-12 WebKit JavaScriptCore JSValue use after free attempt
RuleID : 51824 - Type : BROWSER-WEBKIT - Revision : 1
2019-11-12 WebKit JavaScriptCore JSValue use after free attempt
RuleID : 51823 - Type : BROWSER-WEBKIT - Revision : 1
2019-11-12 WebKit JavaScriptCore AIR optimization memory corruption attempt
RuleID : 51822 - Type : BROWSER-WEBKIT - Revision : 1
2019-11-12 WebKit JavaScriptCore AIR optimization memory corruption attempt
RuleID : 51821 - Type : BROWSER-WEBKIT - Revision : 1
2019-10-01 Apple Safari JSValues type confusion attempt
RuleID : 51389 - Type : BROWSER-WEBKIT - Revision : 1
2019-10-01 Apple Safari JSValues type confusion attempt
RuleID : 51388 - Type : BROWSER-WEBKIT - Revision : 1
2019-10-01 Apple WebKit JSArray component out-of-bounds access
RuleID : 51382 - Type : BROWSER-WEBKIT - Revision : 1
2019-10-01 Apple WebKit JSArray component out-of-bounds access
RuleID : 51381 - Type : BROWSER-WEBKIT - Revision : 1
2016-04-05 Apple iTunes PLS file parsing buffer overflow attempt
RuleID : 37959 - Type : FILE-MULTIMEDIA - Revision : 1
2014-01-10 Apple iTunes playlist URL overflow attempt
RuleID : 3471 - Type : FILE-MULTIMEDIA - Revision : 10

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-11 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10916.nasl - Type: ACT_GATHER_INFO
2018-12-03 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201812-04.nasl - Type: ACT_GATHER_INFO
2018-10-02 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_9.nasl - Type: ACT_GATHER_INFO
2018-10-02 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_9_banner.nasl - Type: ACT_GATHER_INFO
2018-09-20 Name: A web browser installed on the remote macOS or Mac OS X host is affected by m...
File: macosx_safari12.nasl - Type: ACT_GATHER_INFO
2017-11-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-1268.nasl - Type: ACT_GATHER_INFO
2017-11-07 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-2933-1.nasl - Type: ACT_GATHER_INFO
2017-11-03 Name: The remote Apple TV device is affected by multiple vulnerabilities.
File: appletv_11_1.nasl - Type: ACT_GATHER_INFO
2017-11-02 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_7_1.nasl - Type: ACT_GATHER_INFO
2017-11-02 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_7_1_banner.nasl - Type: ACT_GATHER_INFO
2017-11-02 Name: A web browser installed on the remote macOS or Mac OS X host is affected by m...
File: macosx_Safari11_1.nasl - Type: ACT_GATHER_INFO
2017-10-16 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201710-14.nasl - Type: ACT_GATHER_INFO
2017-09-27 Name: The remote host contains an application that is affected by an insecure permi...
File: macosx_itunes_12_7.nasl - Type: ACT_GATHER_INFO
2017-09-06 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-1011.nasl - Type: ACT_GATHER_INFO
2017-09-01 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-2318-1.nasl - Type: ACT_GATHER_INFO
2017-08-11 Name: The remote Fedora host is missing a security update.
File: fedora_2017-9d572cc64a.nasl - Type: ACT_GATHER_INFO
2017-08-03 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-3376-1.nasl - Type: ACT_GATHER_INFO
2017-07-31 Name: The remote Fedora host is missing a security update.
File: fedora_2017-73d6a0dfbb.nasl - Type: ACT_GATHER_INFO
2017-07-28 Name: The remote Fedora host is missing a security update.
File: fedora_2017-24bddb96b5.nasl - Type: ACT_GATHER_INFO
2017-07-26 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_0f66b901715c11e7ad1fbcaec565249c.nasl - Type: ACT_GATHER_INFO
2017-07-25 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: itunes_12_6_2.nasl - Type: ACT_GATHER_INFO
2017-07-25 Name: An application running on the remote host is affected by multiple vulnerabili...
File: itunes_12_6_2_banner.nasl - Type: ACT_GATHER_INFO
2017-07-25 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: macos_itunes_12_6_2.nasl - Type: ACT_GATHER_INFO
2017-07-25 Name: The remote host is missing a macOS or Mac OS X security update that fixes mul...
File: macosx_SecUpd2017-003.nasl - Type: ACT_GATHER_INFO
2017-07-24 Name: A web browser installed on the remote macOS or Mac OS X host is affected by m...
File: macosx_Safari10_1_2.nasl - Type: ACT_GATHER_INFO