CVSS: 9.3EPSS: 2%CPEs: 1EXPL: 0CVE-2007-3752
https://notcve.org/view.php?id=CVE-2007-3752
Heap-based buffer overflow in Apple iTunes before 7.4 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted album cover art in the covr atom of an MP4/AAC file. Un desbordamiento de búfer en la región heap de la memoria en iTunes de Apple versiones anteriores a 7.4, permite a atacantes remotos causar una denegación de servicio (bloqueo de aplicación) o ejecutar código arbitrario por medio de una carátula del álbum diseñada en el átomo covr de un archivo MP4/AAC. • http://docs.info.apple.com/article.html?artnum=306404 http://lists.apple.com/archives/security-announce/2007/Sep/msg00000.html http://osvdb.org/38528 http://secunia.com/advisories/26725 http://www.securityfocus.com/archive/1/478750/100/0/threaded http://www.securityfocus.com/bid/25567 http://www.securitytracker.com/id?1018658 http://www.vupen.com/english/advisories/2007/3073 https://exchange.xforce.ibmcloud.com/vulnerabilities/36485 https://oval.cisecurity.org/repository/search/de • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.6EPSS: 1%CPEs: 1EXPL: 2CVE-2007-1008 – Apple iTunes 7.0.2 - XML Parsing Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-1008
Apple iTunes 7.0.2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted XML list of radio stations, which results in memory corruption. NOTE: iTunes retrieves the XML document from a static URL, which requires an attacker to perform DNS spoofing or man-in-the-middle attacks for exploitation. Apple iTunes 7.0.2 permite a atacantes remotos con la intervención el usuario provocar una denegación de servicio (cierre de aplicación) mediante una lista XML manipulada de estaciones de radio, lo cual provoca una corrupción de memoria. NOTA: iTunes obtiene el documento XML de una URL estática, lo cual requiere que un atacante realice una suplantación de DNS o un ataque de hombre-en-medio (man-in-the-middle) para la explotación. • https://www.exploit-db.com/exploits/29616 http://osvdb.org/33742 http://securityreason.com/securityalert/2278 http://www.securityfocus.com/archive/1/460544/100/0/threaded http://www.securityfocus.com/bid/22615 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16978 •
CVSS: 5.1EPSS: 89%CPEs: 1EXPL: 0CVE-2006-1467 – Apple iTunes AAC File Parsing Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2006-1467
Integer overflow in the AAC file parsing code in Apple iTunes before 6.0.5 on Mac OS X 10.2.8 or later, and Windows XP and 2000, allows remote user-assisted attackers to execute arbitrary code via an AAC (M4P, M4A, or M4B) file with a sample table size (STSZ) atom with a "malformed" sample_size_table value. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple iTunes. Exploitation requires an attacker to convince a target user into opening a malicious play list file. The specific flaw exists during the processing of malicious AAC media files such as those with extensions .M4A and .M4P. During the parsing of the sample table size atom (STSZ), a malformed 'sample_size_table' value can trigger an integer overflow leading to an exploitable memory corruption. • http://docs.info.apple.com/article.html?artnum=303952 http://secunia.com/advisories/20891 http://securitytracker.com/id?1016413 http://www.kb.cert.org/vuls/id/907836 http://www.securityfocus.com/archive/1/438812/100/0/threaded http://www.securityfocus.com/bid/18730 http://www.vupen.com/english/advisories/2006/2601 http://www.zerodayinitiative.com/advisories/ZDI-06-020.html https://exchange.xforce.ibmcloud.com/vulnerabilities/27481 • CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 56%CPEs: 4EXPL: 0CVE-2006-1249
https://notcve.org/view.php?id=CVE-2006-1249
Integer overflow in Apple QuickTime Player 7.0.3 and 7.0.4 and iTunes 6.0.1 and 6.0.2 allows remote attackers to execute arbitrary code via a FlashPix (FPX) image that contains a field that specifies a large number of blocks. • http://lists.apple.com/archives/security-announce/2006/May/msg00002.html http://secunia.com/advisories/20069 http://securitytracker.com/id?1016067 http://www.eeye.com/html/research/upcoming/20060307b.html http://www.kb.cert.org/vuls/id/570689 http://www.securityfocus.com/archive/1/433831/100/0/threaded http://www.securityfocus.com/archive/1/433850/100/0/threaded http://www.securityfocus.com/bid/17074 http://www.us-cert.gov/cas/techalerts/TA06-132B.html http://www& • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 95%CPEs: 2EXPL: 0CVE-2005-4092
https://notcve.org/view.php?id=CVE-2005-4092
Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. NOTE: item 1 was originally identified by CVE-2005-4127 for a pre-patch announcement, and item 2 was originally identified by CVE-2005-4128 for a pre-patch announcement. • http://docs.info.apple.com/article.html?artnum=303101 http://secunia.com/advisories/18149 http://secunia.com/advisories/18370 http://security-protocols.com/advisory/sp-x21-advisory.txt http://securityreason.com/securityalert/334 http://securityreason.com/securityalert/336 http://securitytracker.com/id?1015356 http://securitytracker.com/id?1015396 http://securitytracker.com/id?1015397 http://www.eeye.com/html/research/upcoming/20051117a.html http://www.eeye.com/html/research/upcoming/2005 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •