Apple iTunes 12.9.3

CPE Details

Apple iTunes 12.9.3
apple
itunes
12.9.3
2019-03-06
13h41 +00:00
2019-03-06
13h41 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:apple:itunes:12.9.3:*:*:*:*:*:*:*

Informations

Vendor

apple

Product

itunes

Version

12.9.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-26717 2022-10-31 23h00 +00:00 A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.
8.8
High
CVE-2022-26711 2022-05-26 16h46 +00:00 An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
9.8
Critical
CVE-2018-20506 2019-04-03 15h50 +00:00 SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.
8.1
High
CVE-2008-3634 2008-09-10 16h00 +00:00 Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information.
2.6