ID CVE-2010-0531
Summary Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file.
References
Vulnerable Configurations
  • cpe:2.3:a:apple:itunes:9.0:-:windows
    cpe:2.3:a:apple:itunes:9.0:-:windows
  • cpe:2.3:a:apple:itunes:9.0:-:mac
    cpe:2.3:a:apple:itunes:9.0:-:mac
  • cpe:2.3:a:apple:itunes:9.0.0:-:windows
    cpe:2.3:a:apple:itunes:9.0.0:-:windows
  • cpe:2.3:a:apple:itunes:9.0.0:-:mac
    cpe:2.3:a:apple:itunes:9.0.0:-:mac
  • cpe:2.3:a:apple:itunes:9.0.1:-:windows
    cpe:2.3:a:apple:itunes:9.0.1:-:windows
  • cpe:2.3:a:apple:itunes:9.0.2:-:windows
    cpe:2.3:a:apple:itunes:9.0.2:-:windows
  • cpe:2.3:a:apple:itunes:9.0.3:-:windows
    cpe:2.3:a:apple:itunes:9.0.3:-:windows
  • cpe:2.3:a:apple:itunes:9.0.2:-:mac
    cpe:2.3:a:apple:itunes:9.0.2:-:mac
  • cpe:2.3:a:apple:itunes:9.0.3:-:mac
    cpe:2.3:a:apple:itunes:9.0.3:-:mac
  • cpe:2.3:a:apple:itunes:9.0.1:-:mac
    cpe:2.3:a:apple:itunes:9.0.1:-:mac
  • Microsoft Windows 7
    cpe:2.3:o:microsoft:windows_7
  • Microsoft Windows Vista
    cpe:2.3:o:microsoft:windows_vista
  • Microsoft Windows XP
    cpe:2.3:o:microsoft:windows_xp
  • Apple Mac OS X 10.4.11
    cpe:2.3:o:apple:mac_os_x:10.4.11
  • Apple Mac OS X Server 10.4.11
    cpe:2.3:o:apple:mac_os_x_server:10.4.11
  • Apple Mac OS X 10.5
    cpe:2.3:o:apple:mac_os_x:10.5
  • Apple Mac OS X 10.5.0
    cpe:2.3:o:apple:mac_os_x:10.5.0
  • Apple Mac OS X 10.5.1
    cpe:2.3:o:apple:mac_os_x:10.5.1
  • Apple Mac OS X 10.5.2
    cpe:2.3:o:apple:mac_os_x:10.5.2
  • Apple Mac OS X 10.5.3
    cpe:2.3:o:apple:mac_os_x:10.5.3
  • Apple Mac OS X 10.5.4
    cpe:2.3:o:apple:mac_os_x:10.5.4
  • Apple Mac OS X 10.5.5
    cpe:2.3:o:apple:mac_os_x:10.5.5
  • Apple Mac OS X 10.5.6
    cpe:2.3:o:apple:mac_os_x:10.5.6
  • Apple Mac OS X 10.5.7
    cpe:2.3:o:apple:mac_os_x:10.5.7
  • Apple Mac OS X 10.5.8
    cpe:2.3:o:apple:mac_os_x:10.5.8
  • Apple Mac OS X Server 10.5
    cpe:2.3:o:apple:mac_os_x_server:10.5
  • Apple Mac OS X Server 10.5.0
    cpe:2.3:o:apple:mac_os_x_server:10.5.0
  • Apple Mac OS X Server 10.5.1
    cpe:2.3:o:apple:mac_os_x_server:10.5.1
  • Apple Mac OS X Server 10.5.2
    cpe:2.3:o:apple:mac_os_x_server:10.5.2
  • Apple Mac OS X Server 10.5.3
    cpe:2.3:o:apple:mac_os_x_server:10.5.3
  • Apple Mac OS X Server 10.5.4
    cpe:2.3:o:apple:mac_os_x_server:10.5.4
  • Apple Mac OS X Server 10.5.5
    cpe:2.3:o:apple:mac_os_x_server:10.5.5
  • Apple Mac OS X Server 10.5.6
    cpe:2.3:o:apple:mac_os_x_server:10.5.6
  • Apple Mac OS X Server 10.5.7
    cpe:2.3:o:apple:mac_os_x_server:10.5.7
  • Apple Mac OS X Server 10.5.8
    cpe:2.3:o:apple:mac_os_x_server:10.5.8
  • Apple Mac OS X 10.6.0
    cpe:2.3:o:apple:mac_os_x:10.6.0
  • Apple Mac OS X 10.6.1
    cpe:2.3:o:apple:mac_os_x:10.6.1
  • Apple Mac OS X 10.6.2
    cpe:2.3:o:apple:mac_os_x:10.6.2
  • Apple Mac OS X 10.6.3
    cpe:2.3:o:apple:mac_os_x:10.6.3
  • Apple Mac OS X Server 10.6.0
    cpe:2.3:o:apple:mac_os_x_server:10.6.0
  • Apple Mac OS X Server 10.6.1
    cpe:2.3:o:apple:mac_os_x_server:10.6.1
  • Apple Mac OS X Server 10.6.2
    cpe:2.3:o:apple:mac_os_x_server:10.6.2
  • Apple Mac OS X Server 10.6.3
    cpe:2.3:o:apple:mac_os_x_server:10.6.3
CVSS
Base: 4.3 (as of 01-04-2010 - 13:45)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_ITUNES_9_1.NASL
    description The remote version of iTunes is older than 9.1. Such versions are potentially affected by multiple vulnerabilities : - An infinite loop in the application's handling of imported MP4 podcast files may lead to an application crash and prevent subsequent operation. (CVE-2010-0531) - Syncing a mobile device may allow a local user to gain the privileges of the console user due to an insecure file operation in the handling of log files. (CVE-2010-1768)
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 45389
    published 2010-03-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45389
    title iTunes < 9.1 Multiple Vulnerabilities (Mac OS X)
  • NASL family Windows
    NASL id ITUNES_9_1.NASL
    description The version of Apple iTunes installed on the remote Windows host is older than 9.1. Such versions may be affected by multiple vulnerabilities : - A buffer underflow in ImageIO's handling of TIFF images may lead to an application crash or arbitrary code execution. (CVE-2009-2285) - An integer overflow in the applications's handling of images with an embedded color profile may lead to an application crash or arbitrary code execution. (CVE-2010-0040) - An uninitialized memory access issue in ImageIO's handling of BMP images may result in sending data from Safari's memory to a website under an attacker's control. (CVE-2010-0041) - An uninitialized memory access issue in ImageIO's handling of TIFF images may result in sending data from Safari's memory to a website under an attacker's control. (CVE-2010-0042) - A memory corruption issue in the application's handling of TIFF images may lead to an application crash or arbitrary code execution. (CVE-2010-0043) - A race condition during the installation process may allow a local user modify a file that is then executed with SYSTEM privileges. (CVE-2010-0532) - A path searching issue may allow code execution if an attacker can place a specially crafted DLL in a directory and have a user open another file using iTunes in that directory. (CVE-2010-1795)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 45390
    published 2010-03-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45390
    title Apple iTunes < 9.1 Multiple Vulnerabilities (credentialed check)
  • NASL family Peer-To-Peer File Sharing
    NASL id ITUNES_9_1_BANNER.NASL
    description The version of Apple iTunes on the remote host is prior to version 9.1. It is, therefore, affected by multiple vulnerabilities : - A buffer underflow in ImageIO's handling of TIFF images can lead to a denial of service or arbitrary code execution. (CVE-2009-2285) - An integer overflow in the application's handling of images with an embedded color profile can lead to a denial of service or arbitrary code execution. (CVE-2010-0040) - An uninitialized memory access vulnerability in ImageIO's handling of BMP images can result in the sending of sensitive data from Safari's memory to a website under an attacker's control. (CVE-2010-0041) - An uninitialized memory access vulnerability in ImageIO's handling of TIFF images can result in the sending of sensitive data from Safari's memory to a website under an attacker's control. (CVE-2010-0042) - A memory corruption vulnerability in the ImageIO's handling of TIFF images can lead to a denial of service or arbitrary code execution. (CVE-2010-0043) - An infinite loop vulnerability in the application's handling of imported MP4 podcast files can lead to a denial of service or arbitrary code execution. (CVE-2010-0531) - A race condition during the installation process allows a local attacker to modify an unspecified file which can then be executed with SYSTEM privileges. (CVE-2010-0532) - A path searching vulnerability exists that allows code execution if an attacker places a specially crafted DLL in a directory and has a user open another file using iTunes in that directory. (CVE-2010-1795) - Syncing a mobile device can allow a local attacker to gain the privileges of the console user due to an insecure file operation in the handling of log files. (CVE-2010-1768)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 45391
    published 2010-03-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45391
    title Apple iTunes < 9.1 Multiple Vulnerabilities (uncredentialed check)
oval via4
accepted 2015-06-22T04:00:49.475-04:00
class vulnerability
contributors
  • name J. Daniel Brown
    organization DTCC
  • name Scott Quint
    organization Quintechssential
  • name Pooja Shetty
    organization SecPod Technologies
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Shane Shaffer
    organization G2, Inc.
  • name Bernd Eggenmueller
    organization baramundi software
definition_extensions
comment Apple iTunes is installed
oval oval:org.mitre.oval:def:12353
description Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file.
family windows
id oval:org.mitre.oval:def:7427
status accepted
submitted 2010-04-09T10:30:00.000-05:00
title Apple iTunes MP4 File Processing Denial of Service Vulnerability
version 14
refmap via4
apple APPLE-SA-2010-03-30-2
confirm http://support.apple.com/kb/HT4105
secunia 39135
Last major update 24-08-2010 - 01:43
Published 31-03-2010 - 14:30
Last modified 18-09-2017 - 21:30
Back to Top