This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:apple:itunes:9.1
Detail
VendorAppleFirst view 2010-06-18
ProductItunesLast view2019-04-03
Version9.1TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:apple:itunes

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
6.82019-04-03CVE-2018-4464NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4443NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4442NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4441NetworkMediumNone Requ...
4.32019-04-03CVE-2018-4440NetworkMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
4.32019-04-03CVE-2018-4439NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4438NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4437NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4414NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4412NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4361NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4360NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4359NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4358NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4347NetworkMediumNone Requ...
4.32019-04-03CVE-2018-4345NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4328NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4323NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4318NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4317NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4316NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4315NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4314NetworkMediumNone Requ...
6.82019-04-03CVE-2018-4312NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
77% (394)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
9% (46)CWE-399Resource Management Errors
2% (14)CWE-20Improper Input Validation
2% (13)CWE-200Information Exposure
2% (12)CWE-416Use After Free
Hide | Show 17 More...
%idName
0% (5)CWE-125Out-of-bounds Read
0% (5)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (3)CWE-704Incorrect Type Conversion or Cast
0% (3)CWE-362Race Condition
0% (2)CWE-310Cryptographic Issues
0% (2)CWE-264Permissions, Privileges, and Access Controls
0% (1)CWE-617Reachable Assertion
0% (1)CWE-601URL Redirection to Untrusted Site ('Open Redirect')
0% (1)CWE-552Files or Directories Accessible to External Parties
0% (1)CWE-522Insufficiently Protected Credentials
0% (1)CWE-284Access Control (Authorization) Issues
0% (1)CWE-254Security Features
0% (1)CWE-190Integer Overflow or Wraparound
0% (1)CWE-134Uncontrolled Format String
0% (1)CWE-129Improper Validation of Array Index
0% (1)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
0% (1)CWE-17Code

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:16788WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17299WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17272WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execu...
oval:org.mitre.oval:def:17605Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which...
oval:org.mitre.oval:def:17280WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:16916WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17187WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attac...
oval:org.mitre.oval:def:24426WebKit vulnerability in Apple Safari, this issue was addressed through improv...
oval:org.mitre.oval:def:16974WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote...
oval:org.mitre.oval:def:17601WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attac...
oval:org.mitre.oval:def:24296WebKit vulnerability in Apple Safari, this issue was addressed through improv...
oval:org.mitre.oval:def:18997The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attacker...
oval:org.mitre.oval:def:17169WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote...
oval:org.mitre.oval:def:17094WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17572WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attac...
oval:org.mitre.oval:def:24271WebKit vulnerability in Apple Safari, this issue was addressed through improv...
oval:org.mitre.oval:def:17546WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execu...
oval:org.mitre.oval:def:17334WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote...
oval:org.mitre.oval:def:17394WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17384WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execu...
oval:org.mitre.oval:def:16919CoreFoundation, as used in Apple iTunes before 10.5, does not properly perfor...
oval:org.mitre.oval:def:17133WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attacke...
oval:org.mitre.oval:def:17191WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-mid...
oval:org.mitre.oval:def:17458WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote...
oval:org.mitre.oval:def:17020WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attacke...

SAINT Exploits

DescriptionLink
iTunes m3u Playlist OverflowMore info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
76387Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3241)
76386Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3239)
76385Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-2811)
76384Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3238)
76383Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-3233)
Hide | Show 20 More...
idDescription
76382Apple iTunes WebKit Store Browsing MitM Weakness Memory Corruption (2011-2815)
76381Apple iTunes CoreAudio Audio Stream Handling Overflow
76374Apple Mac OS X QuickTime H.264 Movie File Handling Overflow
76352Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76351Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76350Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76349Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76348Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76347Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76346Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76345Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76344Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76343Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76342Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76341Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76340Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76339Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76338Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76337Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...
76336Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2011-...

ExploitDB Exploits

idDescription
19322Apple iTunes <= 10.6.1.7 Extended m3u Stack Buffer Overflow
19098Apple iTunes 10.6.1.7 M3U Playlist File Walking Heap Buffer Overflow

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-10-26Name : Ubuntu Update for webkit USN-1617-1
File : nvt/gb_ubuntu_USN_1617_1.nasl
2012-10-01Name : Apple Safari Multiple Vulnerabilities - Oct 2012 (Mac OS X)
File : nvt/gb_apple_safari_mult_vuln_oct12_macosx.nasl
2012-09-26Name : Gentoo Security Advisory GLSA 201209-02 (tiff)
File : nvt/glsa_201209_02.nasl
2012-09-17Name : Apple iTunes Multiple Vulnerabilities - Sep 12 (Windows)
File : nvt/gb_apple_itunes_mult_vuln_sep12_win.nasl
2012-07-30Name : CentOS Update for libtiff CESA-2011:0318 centos5 x86_64
File : nvt/gb_CESA-2011_0318_libtiff_centos5_x86_64.nasl
Hide | Show 20 More...
idDescription
2012-07-30Name : CentOS Update for libtiff CESA-2011:0392 centos5 x86_64
File : nvt/gb_CESA-2011_0392_libtiff_centos5_x86_64.nasl
2012-06-12Name : Apple iTunes '.m3u' Playlist Code Execution Vulnerability (Mac OS X)
File : nvt/gb_apple_itunes_playlist_code_exec_vuln_macosx.nasl
2012-06-12Name : Apple iTunes '.m3u' Playlist Code Execution Vulnerabilities (Win)
File : nvt/gb_apple_itunes_playlist_code_exec_vuln_win.nasl
2012-05-24Name : Apple Safari Multiple Vulnerabilities - Oct 2011 (Windows)
File : nvt/secpod_apple_safari_mult_vuln_win_oct11.nasl
2012-03-20Name : Apple iTunes Multiple Vulnerabilities - Mar12 (Win)
File : nvt/gb_apple_itunes_mult_vuln_mar12_win.nasl
2012-03-13Name : Apple Safari Webkit Multiple Vulnerabilities - March12 (Mac OS X)
File : nvt/gb_apple_safari_webkit_mult_vuln_mar12_macosx.nasl
2012-03-13Name : Apple Safari Webkit Multiple Vulnerabilities - March12 (Win)
File : nvt/gb_apple_safari_webkit_mult_vuln_mar12_win.nasl
2012-02-06Name : Mac OS X Multiple Vulnerabilities (2012-001)
File : nvt/gb_macosx_su12-001.nasl
2011-11-03Name : Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)
File : nvt/gb_apple_quicktime_mult_dos_vuln_win_nov11.nasl
2011-10-20Name : Apple iTunes Multiple Vulnerabilities - Oct 11
File : nvt/gb_apple_itunes_mult_vuln_oct11_win.nasl
2011-10-20Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)
File : nvt/gb_macosx_su11-006.nasl
2011-10-20Name : Apple MAC OS X v10.6.8 Safari Multiple Vulnerabilities
File : nvt/gb_safari_mult_vuln_macosx.nasl
2011-08-26Name : Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001)
File : nvt/secpod_macosx_su11-001.nasl
2011-08-26Name : Apple iTunes Multiple Vulnerabilities (Mac OS X)
File : nvt/secpod_itunes_mult_vuln_macosx.nasl
2011-08-12Name : Apple Safari Multiple Vulnerabilities - March 2011 (Mac OS X)
File : nvt/gb_apple_safari_mult_vuln_mar11_macosx.nasl
2011-08-09Name : CentOS Update for libtiff CESA-2011:0318 centos5 i386
File : nvt/gb_CESA-2011_0318_libtiff_centos5_i386.nasl
2011-08-09Name : CentOS Update for libtiff CESA-2011:0392 centos5 i386
File : nvt/gb_CESA-2011_0392_libtiff_centos5_i386.nasl
2011-05-12Name : Debian Security Advisory DSA 2210-1 (tiff)
File : nvt/deb_2210_1.nasl
2011-05-06Name : SuSE Update for kernel SUSE-SA:2011:020
File : nvt/gb_suse_2011_020.nasl
2011-04-22Name : Fedora Update for libtiff FEDORA-2011-5304
File : nvt/gb_fedora_2011_5304_libtiff_fc14.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2015-A-0222Multiple Security Vulnerabilities in Apple iOS
Severity : Category I - VMSKEY : V0061471
2015-A-0199Multiple Vulnerabilities in Apple Mac OS X
Severity : Category I - VMSKEY : V0061337
2014-B-0024Multiple Security Vulnerabilities in Apple iOS
Severity : Category I - VMSKEY : V0046157

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2020-01-21Apple Webkit updateMinimumColumnHeight use-after-free attempt
RuleID : 52486 - Type : BROWSER-WEBKIT - Revision : 1
2020-01-21Apple Webkit updateMinimumColumnHeight use-after-free attempt
RuleID : 52485 - Type : BROWSER-WEBKIT - Revision : 1
2019-11-26WebKit WebCore handleMenuItemSelected use after free attempt
RuleID : 52003 - Type : BROWSER-WEBKIT - Revision : 1
2019-11-26WebKit WebCore handleMenuItemSelected use after free attempt
RuleID : 52002 - Type : BROWSER-WEBKIT - Revision : 1
2019-10-08Apple Safari memory corruption attempt
RuleID : 51416 - Type : BROWSER-WEBKIT - Revision : 2
Hide | Show 20 More...
DateDescription
2019-10-08Apple Safari memory corruption attempt
RuleID : 51415 - Type : BROWSER-WEBKIT - Revision : 2
2019-10-01Apple Safari JSValues type confusion attempt
RuleID : 51389 - Type : BROWSER-WEBKIT - Revision : 1
2019-10-01Apple Safari JSValues type confusion attempt
RuleID : 51388 - Type : BROWSER-WEBKIT - Revision : 1
2019-10-01WebKit GetIndexedPropertyStorage memory corruption attempt
RuleID : 51386 - Type : BROWSER-WEBKIT - Revision : 1
2019-10-01WebKit GetIndexedPropertyStorage memory corruption attempt
RuleID : 51385 - Type : BROWSER-WEBKIT - Revision : 1
2019-07-04Apple Webkit updateDescendantDependentFlags use-after-free attempt
RuleID : 50294 - Type : BROWSER-WEBKIT - Revision : 1
2019-07-04Apple Webkit updateDescendantDependentFlags use-after-free attempt
RuleID : 50293 - Type : BROWSER-WEBKIT - Revision : 1
2019-07-02Apple Webkit updateMinimumColumnHeight use-after-free attempt
RuleID : 50192 - Type : BROWSER-WEBKIT - Revision : 1
2019-07-02Apple Webkit updateMinimumColumnHeight use-after-free attempt
RuleID : 50191 - Type : BROWSER-WEBKIT - Revision : 1
2019-06-22Apple Webkit SVGTextLayoutAttributes use-after-free attempt
RuleID : 50161 - Type : BROWSER-WEBKIT - Revision : 1
2019-06-22Apple Webkit SVGTextLayoutAttributes use-after-free attempt
RuleID : 50160 - Type : BROWSER-WEBKIT - Revision : 1
2019-06-06Apple WebKit updateReferencedText use-after-free attempt
RuleID : 50034 - Type : BROWSER-WEBKIT - Revision : 1
2019-06-06Apple WebKit updateReferencedText use-after-free attempt
RuleID : 50033 - Type : BROWSER-WEBKIT - Revision : 1
2018-08-04Microsoft Edge proxy object type confusion attempt
RuleID : 47083 - Type : BROWSER-IE - Revision : 2
2018-08-04Microsoft Edge proxy object type confusion attempt
RuleID : 47082 - Type : BROWSER-IE - Revision : 2
2018-07-26Apple WebKit memory corruption attempt
RuleID : 47023 - Type : BROWSER-WEBKIT - Revision : 1
2018-07-26Apple WebKit memory corruption attempt
RuleID : 47022 - Type : BROWSER-WEBKIT - Revision : 1
2017-04-20Microsoft Edge proxy object type confusion attempt
RuleID : 42041 - Type : BROWSER-IE - Revision : 5
2017-04-20Microsoft Edge proxy object type confusion attempt
RuleID : 42040 - Type : BROWSER-IE - Revision : 5
2015-02-11Apple iTunes Extended M3U playlist record overflow attempt
RuleID : 33042 - Type : FILE-MULTIMEDIA - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2019-01-11Name : The remote device is missing a vendor-supplied security patch.
File : juniper_jsa10916.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-e2e8a07a01.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-97c58e29e4.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-499f2dbc96.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-a1f37d2f08.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-509fc4a5c8.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-118b9abf99.nasl - Type : ACT_GATHER_INFO
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-1a8582a7ee.nasl - Type : ACT_GATHER_INFO
2018-12-21Name : The remote Apple TV device is affected by multiple vulnerabilities.
File : appletv_12_1_1.nasl - Type : ACT_GATHER_INFO
2018-12-19Name : An application installed on remote host is affected by multiple vulnerabilities
File : itunes_12_9_2.nasl - Type : ACT_GATHER_INFO
2018-12-07Name : A web browser installed on the remote macOS or Mac OS X host is affected by m...
File : macosx_Safari12_0_2.nasl - Type : ACT_GATHER_INFO
2018-12-03Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201812-04.nasl - Type : ACT_GATHER_INFO
2018-10-31Name : The remote host is missing a macOS or Mac OS X security update that fixes mul...
File : macosx_SecUpd2018-005.nasl - Type : ACT_GATHER_INFO
2018-10-31Name : The remote host is missing a macOS security update that fixes multiple vulner...
File : macosx_SecUpd_10_13_6_2018-002.nasl - Type : ACT_GATHER_INFO
2018-10-18Name : The remote host is missing a macOS update that fixes multiple security vulner...
File : macos_10_14.nasl - Type : ACT_GATHER_INFO
2018-10-02Name : An application installed on the remote host is affected by multiple vulnerabi...
File : itunes_12_8_banner.nasl - Type : ACT_GATHER_INFO
2018-10-02Name : An application installed on the remote host is affected by multiple vulnerabi...
File : itunes_12_9.nasl - Type : ACT_GATHER_INFO
2018-10-02Name : An application installed on the remote host is affected by multiple vulnerabi...
File : itunes_12_9_banner.nasl - Type : ACT_GATHER_INFO
2018-09-24Name : The remote Fedora host is missing a security update.
File : fedora_2018-4a16e37c81.nasl - Type : ACT_GATHER_INFO
2018-09-20Name : A web browser installed on the remote macOS or Mac OS X host is affected by m...
File : macosx_safari12.nasl - Type : ACT_GATHER_INFO
2018-08-23Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201808-01.nasl - Type : ACT_GATHER_INFO
2018-08-23Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201808-04.nasl - Type : ACT_GATHER_INFO
2018-07-30Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_b9c525d9919811e8beba080027ef1a23.nasl - Type : ACT_GATHER_INFO
2018-07-27Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4256.nasl - Type : ACT_GATHER_INFO
2018-07-17Name : The remote host is missing a macOS update that fixes multiple security vulner...
File : macos_10_13_6.nasl - Type : ACT_GATHER_INFO