This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:apple:itunes:6.0.4::windows
Detail
VendorAppleFirst view 2007-09-06
ProductItunesLast view2019-04-03
Version6.0.4TypeApplication
Editionwindows 
Language 
Update 
 
CPE Productcpe:/a:apple:itunes

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
6.82019-04-03CVE-2018-4464NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4443NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4442NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4441NetworkMediumNone Requ...
4.32019-04-03CVE-2018-4440NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32019-04-03CVE-2018-4439NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4438NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4437NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4414NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4412NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4361NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4360NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4359NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4358NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4347NetworkMediumNone Requ...
4.32019-04-03CVE-2018-4345NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4328NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4323NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4318NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4317NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4316NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4315NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4314NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4312NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
76% (397)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
9% (48)CWE-399Resource Management Errors
2% (15)CWE-200Information Exposure
2% (15)CWE-20Improper Input Validation
2% (12)CWE-416Use After Free
Hide | Show 19 More...
%idName
0% (5)CWE-125Out-of-bounds Read
0% (5)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (4)CWE-362Race Condition
0% (3)CWE-704Incorrect Type Conversion or Cast
0% (2)CWE-310Cryptographic Issues
0% (2)CWE-264Permissions, Privileges, and Access Controls
0% (1)CWE-617Reachable Assertion
0% (1)CWE-601URL Redirection to Untrusted Site ('Open Redirect')
0% (1)CWE-552Files or Directories Accessible to External Parties
0% (1)CWE-522Insufficiently Protected Credentials
0% (1)CWE-284Access Control (Authorization) Issues
0% (1)CWE-254Security Features
0% (1)CWE-190Integer Overflow or Wraparound
0% (1)CWE-189Numeric Errors
0% (1)CWE-134Uncontrolled Format String
0% (1)CWE-129Improper Validation of Array Index
0% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
0% (1)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
0% (1)CWE-17Code

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:16788WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17299WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17272WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execu...
oval:org.mitre.oval:def:17605Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which...
oval:org.mitre.oval:def:17280WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:16916WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17187WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attac...
oval:org.mitre.oval:def:24426WebKit vulnerability in Apple Safari, this issue was addressed through improv...
oval:org.mitre.oval:def:16974WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote...
oval:org.mitre.oval:def:17601WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attac...
oval:org.mitre.oval:def:24296WebKit vulnerability in Apple Safari, this issue was addressed through improv...
oval:org.mitre.oval:def:18997The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attacker...
oval:org.mitre.oval:def:6001Apple iTunes Denial of Service Vulnerability
oval:org.mitre.oval:def:17169WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote...
oval:org.mitre.oval:def:17094WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17572WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attac...
oval:org.mitre.oval:def:24271WebKit vulnerability in Apple Safari, this issue was addressed through improv...
oval:org.mitre.oval:def:17546WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execu...
oval:org.mitre.oval:def:17334WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote...
oval:org.mitre.oval:def:17394WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17384WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execu...
oval:org.mitre.oval:def:16919CoreFoundation, as used in Apple iTunes before 10.5, does not properly perfor...
oval:org.mitre.oval:def:17133WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attacke...
oval:org.mitre.oval:def:17191WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17458WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote...

SAINT Exploits

DescriptionLink
Apple iTunes itms: URL buffer overflowMore info here
iTunes m3u Playlist OverflowMore info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
76387Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3241)
76386Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3239)
76385Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-2811)
76384Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3238)
76383Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3233)
Hide | Show 20 More...
idDescription
76382Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-2815)
76381Apple iTunes CoreAudio Audio Stream Handling Overflow
76374Apple Mac OS X QuickTime H.264 Movie File Handling Overflow
76352Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76351Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76350Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76349Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76348Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76347Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76346Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76345Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76344Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76343Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76342Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76341Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76340Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76339Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76338Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76337Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76336Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...

ExploitDB Exploits

idDescription
19322Apple iTunes <= 10.6.1.7 Extended m3u Stack Buffer Overflow
19098Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow
11491iTunes 9.0.1 .pls File Handling Buffer Overflow
11138Apple iTunes 8.1.x (daap) Buffer overflow remote exploit (CVE-2009-0950)
8934Apple iTunes 8.1.1.10 (itms/itcp) Remote Buffer Overflow Exploit (win)
Hide | Show 1 More...
idDescription
8861Apple iTunes 8.1.1 (ITMS) Multiple Protocol Handler BOF Exploit (meta)

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-10-26Name : Ubuntu Update for webkit USN-1617-1
File : nvt/gb_ubuntu_USN_1617_1.nasl
2012-10-01Name : Apple Safari Multiple Vulnerabilities - Oct 2012 (Mac OS X)
File : nvt/gb_apple_safari_mult_vuln_oct12_macosx.nasl
2012-09-26Name : Gentoo Security Advisory GLSA 201209-02 (tiff)
File : nvt/glsa_201209_02.nasl
2012-09-17Name : Apple iTunes Multiple Vulnerabilities - Sep 12 (Windows)
File : nvt/gb_apple_itunes_mult_vuln_sep12_win.nasl
2012-07-30Name : CentOS Update for libtiff CESA-2011:0318 centos5 x86_64
File : nvt/gb_CESA-2011_0318_libtiff_centos5_x86_64.nasl
Hide | Show 20 More...
idDescription
2012-07-30Name : CentOS Update for libtiff CESA-2011:0392 centos5 x86_64
File : nvt/gb_CESA-2011_0392_libtiff_centos5_x86_64.nasl
2012-06-12Name : Apple iTunes '.m3u' Playlist Code Execution Vulnerability (Mac OS X)
File : nvt/gb_apple_itunes_playlist_code_exec_vuln_macosx.nasl
2012-06-12Name : Apple iTunes '.m3u' Playlist Code Execution Vulnerabilities (Win)
File : nvt/gb_apple_itunes_playlist_code_exec_vuln_win.nasl
2012-05-24Name : Apple Safari Multiple Vulnerabilities - Oct 2011 (Windows)
File : nvt/secpod_apple_safari_mult_vuln_win_oct11.nasl
2012-03-20Name : Apple iTunes Multiple Vulnerabilities - Mar12 (Win)
File : nvt/gb_apple_itunes_mult_vuln_mar12_win.nasl
2012-03-13Name : Apple Safari Webkit Multiple Vulnerabilities - March12 (Mac OS X)
File : nvt/gb_apple_safari_webkit_mult_vuln_mar12_macosx.nasl
2012-03-13Name : Apple Safari Webkit Multiple Vulnerabilities - March12 (Win)
File : nvt/gb_apple_safari_webkit_mult_vuln_mar12_win.nasl
2012-02-06Name : Mac OS X Multiple Vulnerabilities (2012-001)
File : nvt/gb_macosx_su12-001.nasl
2011-11-28Name : Apple iTunes Remote Code Execution Vulnerability (Mac OS X)
File : nvt/secpod_apple_itunes_remote_code_exec_vuln_macosx.nasl
2011-11-28Name : Apple iTunes Remote Code Execution Vulnerability (Windows)
File : nvt/secpod_apple_itunes_remote_code_exec_vuln_win.nasl
2011-11-03Name : Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)
File : nvt/gb_apple_quicktime_mult_dos_vuln_win_nov11.nasl
2011-10-20Name : Apple iTunes Multiple Vulnerabilities - Oct 11
File : nvt/gb_apple_itunes_mult_vuln_oct11_win.nasl
2011-10-20Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)
File : nvt/gb_macosx_su11-006.nasl
2011-10-20Name : Apple MAC OS X v10.6.8 Safari Multiple Vulnerabilities
File : nvt/gb_safari_mult_vuln_macosx.nasl
2011-08-26Name : Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)
File : nvt/secpod_macosx_su11-001.nasl
2011-08-26Name : Apple iTunes Multiple Vulnerabilities (Mac OS X)
File : nvt/secpod_itunes_mult_vuln_macosx.nasl
2011-08-12Name : Apple Safari Multiple Vulnerabilities - March 2011 (Mac OS X)
File : nvt/gb_apple_safari_mult_vuln_mar11_macosx.nasl
2011-08-09Name : CentOS Update for libtiff CESA-2011:0318 centos5 i386
File : nvt/gb_CESA-2011_0318_libtiff_centos5_i386.nasl
2011-08-09Name : CentOS Update for libtiff CESA-2011:0392 centos5 i386
File : nvt/gb_CESA-2011_0392_libtiff_centos5_i386.nasl
2011-05-12Name : Debian Security Advisory DSA 2210-1 (tiff)
File : nvt/deb_2210_1.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0222Multiple Security Vulnerabilities in Apple iOS
Severity : Category I - VMSKEY : V0061471
2015-A-0199Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337
2014-B-0024Multiple Security Vulnerabilities in Apple iOS
Severity : Category I - VMSKEY : V0046157

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2019-10-08Apple Safari memory corruption attempt
RuleID : 51416 - Type : BROWSER-WEBKIT - Revision : 1
2019-10-08Apple Safari memory corruption attempt
RuleID : 51415 - Type : BROWSER-WEBKIT - Revision : 1
2019-10-01Apple Safari JSValues type confusion attempt
RuleID : 51389 - Type : BROWSER-WEBKIT - Revision : 1
2019-10-01Apple Safari JSValues type confusion attempt
RuleID : 51388 - Type : BROWSER-WEBKIT - Revision : 1
2019-10-01WebKit GetIndexedPropertyStorage memory corruption attempt
RuleID : 51386 - Type : BROWSER-WEBKIT - Revision : 1
Hide | Show 20 More...
DateDescription
2019-10-01WebKit GetIndexedPropertyStorage memory corruption attempt
RuleID : 51385 - Type : BROWSER-WEBKIT - Revision : 1
2019-07-04Apple Webkit updateDescendantDependentFlags use-after-free attempt
RuleID : 50294 - Type : BROWSER-WEBKIT - Revision : 1
2019-07-04Apple Webkit updateDescendantDependentFlags use-after-free attempt
RuleID : 50293 - Type : BROWSER-WEBKIT - Revision : 1
2019-07-02Apple Webkit updateMinimumColumnHeight use-after-free attempt
RuleID : 50192 - Type : BROWSER-WEBKIT - Revision : 1
2019-07-02Apple Webkit updateMinimumColumnHeight use-after-free attempt
RuleID : 50191 - Type : BROWSER-WEBKIT - Revision : 1
2019-06-22Apple Webkit SVGTextLayoutAttributes use-after-free attempt
RuleID : 50161 - Type : BROWSER-WEBKIT - Revision : 1
2019-06-22Apple Webkit SVGTextLayoutAttributes use-after-free attempt
RuleID : 50160 - Type : BROWSER-WEBKIT - Revision : 1
2019-06-06Apple WebKit updateReferencedText use-after-free attempt
RuleID : 50034 - Type : BROWSER-WEBKIT - Revision : 1
2019-06-06Apple WebKit updateReferencedText use-after-free attempt
RuleID : 50033 - Type : BROWSER-WEBKIT - Revision : 1
2018-08-04Microsoft Edge proxy object type confusion attempt
RuleID : 47083 - Type : BROWSER-IE - Revision : 2
2018-08-04Microsoft Edge proxy object type confusion attempt
RuleID : 47082 - Type : BROWSER-IE - Revision : 2
2018-07-26Apple WebKit memory corruption attempt
RuleID : 47023 - Type : BROWSER-WEBKIT - Revision : 1
2018-07-26Apple WebKit memory corruption attempt
RuleID : 47022 - Type : BROWSER-WEBKIT - Revision : 1
2017-04-20Microsoft Edge proxy object type confusion attempt
RuleID : 42041 - Type : BROWSER-IE - Revision : 5
2017-04-20Microsoft Edge proxy object type confusion attempt
RuleID : 42040 - Type : BROWSER-IE - Revision : 5
2016-04-05Apple iTunes PLS file parsing buffer overflow attempt
RuleID : 37959 - Type : FILE-MULTIMEDIA - Revision : 1
2015-02-11Apple iTunes Extended M3U playlist record overflow attempt
RuleID : 33042 - Type : FILE-MULTIMEDIA - Revision : 2
2015-02-11Apple iTunes Extended M3U playlist record overflow attempt
RuleID : 33041 - Type : FILE-MULTIMEDIA - Revision : 3
2014-01-10Gong Da exploit kit possible jar download
RuleID : 27706 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10Gong Da exploit kit Java exploit requested
RuleID : 27705 - Type : EXPLOIT-KIT - Revision : 3

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-11Name : The remote device is missing a vendor-supplied security patch.
File : juniper_jsa10916.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-e2e8a07a01.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-97c58e29e4.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-499f2dbc96.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-a1f37d2f08.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-509fc4a5c8.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-118b9abf99.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-1a8582a7ee.nasl - Type : ACT_GATHER_INFO
2018-12-21Name : The remote Apple TV device is affected by multiple vulnerabilities.
File : appletv_12_1_1.nasl - Type : ACT_GATHER_INFO
2018-12-19Name : An application installed on remote host is affected by multiple vulnerabilities
File : itunes_12_9_2.nasl - Type : ACT_GATHER_INFO
2018-12-07Name : A web browser installed on the remote macOS or Mac OS X host is affected by m...
File : macosx_Safari12_0_2.nasl - Type : ACT_GATHER_INFO
2018-12-03Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201812-04.nasl - Type : ACT_GATHER_INFO
2018-10-31Name : The remote host is missing a macOS or Mac OS X security update that fixes mul...
File : macosx_SecUpd2018-005.nasl - Type : ACT_GATHER_INFO
2018-10-31Name : The remote host is missing a macOS security update that fixes multiple vulner...
File : macosx_SecUpd_10_13_6_2018-002.nasl - Type : ACT_GATHER_INFO
2018-10-18Name : The remote host is missing a macOS update that fixes multiple security vulner...
File : macos_10_14.nasl - Type : ACT_GATHER_INFO
2018-10-02Name : An application installed on the remote host is affected by multiple vulnerabi...
File : itunes_12_8_banner.nasl - Type : ACT_GATHER_INFO
2018-10-02Name : An application installed on the remote host is affected by multiple vulnerabi...
File : itunes_12_9.nasl - Type : ACT_GATHER_INFO
2018-10-02Name : An application installed on the remote host is affected by multiple vulnerabi...
File : itunes_12_9_banner.nasl - Type : ACT_GATHER_INFO
2018-09-24Name : The remote Fedora host is missing a security update.
File : fedora_2018-4a16e37c81.nasl - Type : ACT_GATHER_INFO
2018-09-20Name : A web browser installed on the remote macOS or Mac OS X host is affected by m...
File : macosx_safari12.nasl - Type : ACT_GATHER_INFO
2018-08-23Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201808-01.nasl - Type : ACT_GATHER_INFO
2018-08-23Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201808-04.nasl - Type : ACT_GATHER_INFO
2018-07-30Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_b9c525d9919811e8beba080027ef1a23.nasl - Type : ACT_GATHER_INFO
2018-07-27Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4256.nasl - Type : ACT_GATHER_INFO
2018-07-17Name : The remote host is missing a macOS update that fixes multiple security vulner...
File : macos_10_13_6.nasl - Type : ACT_GATHER_INFO