CVE-2023-32351
https://notcve.org/view.php?id=CVE-2023-32351
A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to gain elevated privileges. • https://support.apple.com/en-us/HT213763 •
CVE-2023-32353
https://notcve.org/view.php?id=CVE-2023-32353
A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to elevate privileges. • https://github.com/86x/CVE-2023-32353-PoC https://support.apple.com/en-us/HT213763 •
CVE-2020-36521
https://notcve.org/view.php?id=CVE-2020-36521
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema ha sido corregido en iCloud para Windows versión 11.4, iOS versión 14.0 y iPadOS versión 14.0, watchOS versión 7.0, tvOS versión 14.0, iCloud para Windows versión 7.21, iTunes para Windows versión 12.10.9. • https://support.apple.com/en-us/HT211843 https://support.apple.com/en-us/HT211844 https://support.apple.com/en-us/HT211846 https://support.apple.com/en-us/HT211847 https://support.apple.com/en-us/HT211850 https://support.apple.com/en-us/HT211952 • CWE-125: Out-of-bounds Read •
CVE-2022-26774
https://notcve.org/view.php?id=CVE-2022-26774
A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. A local attacker may be able to elevate their privileges. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en iTunes versión 12.12.4 para Windows. • https://support.apple.com/en-us/HT213259 •
CVE-2022-26773 – Apple iTunes Incorrect Permission Assignment Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-26773
A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. An application may be able to delete files for which it does not have permission. Se abordó un problema lógico con una administración de estados mejorada. Este problema es corregido en iTunes versión 12.12.4 para Windows. • https://support.apple.com/en-us/HT213259 •