NotCVE - vendor:"Apple" product:"Itunes" version:"7.7.0"

Page 122 of 897 results (0.011 seconds)

CVSS: 4.3EPSS: 0%CPEs: 89EXPL: 0

CVE-2013-1014

https://notcve.org/view.php?id=CVE-2013-1014

Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate. Apple iTunes anterior a 11.0.3 no verifica adecuadamente los certificados X.509, lo que permite a atacantes man-in-the-middle suplantar los servidores HTTPS a través de un certificado arbitrario válido. • http://lists.apple.com/archives/security-announce/2013/May/msg00000.html http://support.apple.com/kb/HT5766 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17605 • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 1%CPEs: 82EXPL: 0

CVE-2013-0997 – Apple Safari Array Indexing Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2013-0997

WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. WebKit, usado en Apple iTunes anterior a 11.0.3, permite a atacantes man-in-the-middle la ejecución de código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de vectores relacionados con la navegación en la iTunes Store. Vulnerabilidad distinta de otros CVEs listados en APPLE-SA-2013-05-16-1. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JSArray objects. • http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2013/May/msg00000.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5766 http://support.apple.com/kb/HT5785 http://support.apple.com/kb/HT5921 http://support.apple.com/kb/HT5934 https:/ • CWE-399: Resource Management Errors •

CVSS: 6.8EPSS: 0%CPEs: 82EXPL: 0

CVE-2013-0995

https://notcve.org/view.php?id=CVE-2013-0995

WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. WebKit, usado en Apple iTunes anterior a 11.0.3, permite a atacantes man-in-the-middle la ejecución de código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de vectores relacionados con la navegación en la iTunes Store. Vulnerabilidad distinta de otros CVEs listados en APPLE-SA-2013-05-16-1. • http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2013/May/msg00000.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5766 http://support.apple.com/kb/HT5785 http://support.apple.com/kb/HT5934 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17561 • CWE-399: Resource Management Errors •

CVSS: 6.8EPSS: 0%CPEs: 82EXPL: 0

CVE-2013-0991

https://notcve.org/view.php?id=CVE-2013-0991

WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. WebKit, usado en Apple iTunes anterior a 11.0.3, permite a atacantes man-in-the-middle la ejecución de código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de vectores relacionados con la navegación en la iTunes Store. Vulnerabilidad distinta de otros CVEs listados en APPLE-SA-2013-05-16-1. • http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2013/May/msg00000.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5766 http://support.apple.com/kb/HT5785 http://support.apple.com/kb/HT5934 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16907 • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 1%CPEs: 82EXPL: 0

CVE-2013-0998 – Webkit.org Webkit string.concat() Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2013-0998

WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1. WebKit, usado en Apple iTunes anterior a 11.0.3, permite a atacantes man-in-the-middle la ejecución de código arbitrario o provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) a través de vectores relacionados con la navegación en la iTunes Store. Vulnerabilidad distinta de otros CVEs listados en APPLE-SA-2013-05-16-1. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Webkit implements string.concat(). • http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2013/May/msg00000.html http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://secunia.com/advisories/54886 http://support.apple.com/kb/HT5766 http://support.apple.com/kb/HT5785 http://support.apple.com/kb/HT5934 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17300 • CWE-399: Resource Management Errors •

1...120 121 122 123 124