Apple iTunes 12.9.3

CPE Details

Apple iTunes 12.9.3
apple
itunes
12.9.3
2019-03-06
13h41 +00:00
2019-03-06
13h41 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:apple:itunes:12.9.3:*:*:*:*:*:*:*

Informations

Vendor

apple

Product

itunes

Version

12.9.3

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-26717 2022-10-31 23h00 +00:00 A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.
8.8
Haute
CVE-2022-26711 2022-05-26 16h46 +00:00 An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
9.8
Critique
CVE-2018-20506 2019-04-03 15h50 +00:00 SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.
8.1
Haute
CVE-2008-3634 2008-09-10 16h00 +00:00 Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information.
2.6