oval:org.mitre.oval:def:17136

Definition Id: oval:org.mitre.oval:def:17136
 
Oval ID: oval:org.mitre.oval:def:17136
Title: Apple iTunes before 10.5.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning
Description: Apple iTunes before 10.5.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
Family: windows Class: vulnerability
Reference(s): CVE-2008-3434
Version: 6
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Apple iTunes
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12353
 
Oval ID: oval:org.mitre.oval:def:12353
Title: Apple iTunes is installed
Description: Apple iTunes is installed
Family: windows Class: inventory
Reference(s): cpe:/a:apple:itunes
Version: 5
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Apple iTunes
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:17136