ID CVE-2010-1769
Summary WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a different vulnerability than CVE-2010-1387 and CVE-2010-1763.
References
Vulnerable Configurations
  • cpe:2.3:a:apple:itunes:9.0.0:-:windows
    cpe:2.3:a:apple:itunes:9.0.0:-:windows
  • cpe:2.3:a:apple:itunes:9.0.1:-:windows
    cpe:2.3:a:apple:itunes:9.0.1:-:windows
  • cpe:2.3:a:apple:itunes:9.0.2:-:windows
    cpe:2.3:a:apple:itunes:9.0.2:-:windows
  • cpe:2.3:a:apple:itunes:9.0.3:-:windows
    cpe:2.3:a:apple:itunes:9.0.3:-:windows
  • cpe:2.3:a:apple:itunes:9.0:-:windows
    cpe:2.3:a:apple:itunes:9.0:-:windows
  • cpe:2.3:a:apple:itunes:9.1.1:-:windows
    cpe:2.3:a:apple:itunes:9.1.1:-:windows
  • cpe:2.3:a:apple:itunes:9.1:-:windows
    cpe:2.3:a:apple:itunes:9.1:-:windows
  • Apple iTunes 8.0.0
    cpe:2.3:a:apple:itunes:8.0.0
  • Apple iTunes 8.0.0 for Windows
    cpe:2.3:a:apple:itunes:8.0.0:-:windows
  • Apple iTunes 8.0.1 for Windows
    cpe:2.3:a:apple:itunes:8.0.1:-:windows
  • cpe:2.3:a:apple:itunes:8.0.2:-:windows
    cpe:2.3:a:apple:itunes:8.0.2:-:windows
  • cpe:2.3:a:apple:itunes:8.0:-:windows
    cpe:2.3:a:apple:itunes:8.0:-:windows
  • cpe:2.3:a:apple:itunes:8.1.1:-:windows
    cpe:2.3:a:apple:itunes:8.1.1:-:windows
  • cpe:2.3:a:apple:itunes:8.1:-:windows
    cpe:2.3:a:apple:itunes:8.1:-:windows
  • cpe:2.3:a:apple:itunes:8.2.1:-:windows
    cpe:2.3:a:apple:itunes:8.2.1:-:windows
  • cpe:2.3:a:apple:itunes:8.2:-:windows
    cpe:2.3:a:apple:itunes:8.2:-:windows
  • Apple iTunes 7.0.0 for Windows
    cpe:2.3:a:apple:itunes:7.0.0:-:windows
  • Apple iTunes 7.0.2 for Windows
    cpe:2.3:a:apple:itunes:7.0.2:-:windows
  • Apple iTunes 7.0.1 for Windows
    cpe:2.3:a:apple:itunes:7.0.1:-:windows
  • Apple iTunes 7.1.0 for Windows
    cpe:2.3:a:apple:itunes:7.1.0:-:windows
  • Apple iTunes 7.2.0 for Windows
    cpe:2.3:a:apple:itunes:7.2.0:-:windows
  • Apple iTunes 7.1.1 for Windows
    cpe:2.3:a:apple:itunes:7.1.1:-:windows
  • Apple iTunes 7.3.0 for Windows
    cpe:2.3:a:apple:itunes:7.3.0:-:windows
  • Apple iTunes 7.3.1 for Windows
    cpe:2.3:a:apple:itunes:7.3.1:-:windows
  • Apple iTunes 7.3.2 for Windows
    cpe:2.3:a:apple:itunes:7.3.2:-:windows
  • Apple iTunes 7.6.1 for Windows
    cpe:2.3:a:apple:itunes:7.6.1:-:windows
  • Apple iTunes 7.7.1 for Windows
    cpe:2.3:a:apple:itunes:7.7.1:-:windows
  • cpe:2.3:a:apple:itunes:7.7:-:windows
    cpe:2.3:a:apple:itunes:7.7:-:windows
  • Apple iTunes 7.4.0 for Windows
    cpe:2.3:a:apple:itunes:7.4.0:-:windows
  • Apple iTunes 7.6.2 for Windows
    cpe:2.3:a:apple:itunes:7.6.2:-:windows
  • cpe:2.3:a:apple:itunes:7.6:-:windows
    cpe:2.3:a:apple:itunes:7.6:-:windows
  • Apple iTunes 7.4.1 for Windows
    cpe:2.3:a:apple:itunes:7.4.1:-:windows
  • Apple iTunes 7.5 Windows
    cpe:2.3:a:apple:itunes:7.5:-:windows
  • Apple iTunes 7.4.3 Windows
    cpe:2.3:a:apple:itunes:7.4.3:-:windows
  • Apple iTunes 7.4.2 for Windows
    cpe:2.3:a:apple:itunes:7.4.2:-:windows
  • Apple iTunes 7.4.2 for Windows
    cpe:2.3:a:apple:itunes:7.4.2:-:windows
  • Apple iTunes 7.4.1 for Windows
    cpe:2.3:a:apple:itunes:7.4.1:-:windows
  • Apple iTunes 7.3.2 for Windows
    cpe:2.3:a:apple:itunes:7.3.2:-:windows
  • Apple iTunes 7.5.0 for Windows
    cpe:2.3:a:apple:itunes:7.5.0:-:windows
  • Apple iTunes 7.4 Windows
    cpe:2.3:a:apple:itunes:7.4:-:windows
  • Apple iTunes 7.0.2 for Windows
    cpe:2.3:a:apple:itunes:7.0.2:-:windows
  • Apple iTunes 7.6.0 for Windows
    cpe:2.3:a:apple:itunes:7.6.0:-:windows
  • Apple iTunes 7.6.1 for Windows
    cpe:2.3:a:apple:itunes:7.6.1:-:windows
  • Apple iTunes 7.6.2 for Windows
    cpe:2.3:a:apple:itunes:7.6.2:-:windows
  • Apple iTunes 7.7.0 for Windows
    cpe:2.3:a:apple:itunes:7.7.0:-:windows
  • Apple iTunes 7.7.1 for Windows
    cpe:2.3:a:apple:itunes:7.7.1:-:windows
  • Microsoft Windows XP
    cpe:2.3:o:microsoft:windows_xp
  • Microsoft Windows 7
    cpe:2.3:o:microsoft:windows_7
  • Microsoft Windows Vista
    cpe:2.3:o:microsoft:windows_vista
CVSS
Base: 10.0 (as of 21-06-2010 - 09:20)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_LIBWEBKIT-110111.NASL
    description Various bugs in webkit have been fixed. The CVE id's are : CVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685, CVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689, CVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693, CVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697, CVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701, CVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710, CVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714, CVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725, CVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419, CVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272, CVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315, CVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651, CVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029, CVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386, CVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390, CVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406, CVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749, CVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760, CVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764, CVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774, CVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791, CVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812, CVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822, CVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264, CVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301, CVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257, CVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804, CVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816, CVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820, CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824, CVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 53764
    published 2011-05-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=53764
    title openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_3_LIBWEBKIT-110104.NASL
    description Various bugs in webkit have been fixed. The CVE id's are : CVE-2009-0945, CVE-2009-1681, CVE-2009-1684, CVE-2009-1685, CVE-2009-1686, CVE-2009-1687, CVE-2009-1688, CVE-2009-1689, CVE-2009-1691, CVE-2009-1690, CVE-2009-1692, CVE-2009-1693, CVE-2009-1694, CVE-2009-1695, CVE-2009-1696, CVE-2009-1697, CVE-2009-1698, CVE-2009-1699, CVE-2009-1700, CVE-2009-1701, CVE-2009-1702, CVE-2009-1703, CVE-2009-1709, CVE-2009-1710, CVE-2009-1711, CVE-2009-1712, CVE-2009-1713, CVE-2009-1714, CVE-2009-1715, CVE-2009-1718, CVE-2009-1724, CVE-2009-1725, CVE-2009-2195, CVE-2009-2199, CVE-2009-2200, CVE-2009-2419, CVE-2009-2797, CVE-2009-2816, CVE-2009-2841, CVE-2009-3272, CVE-2009-3384, CVE-2009-3933, CVE-2009-3934, CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0315, CVE-2010-0647, CVE-2010-0051, CVE-2010-0650, CVE-2010-0651, CVE-2010-0656, CVE-2010-0659, CVE-2010-0661, CVE-2010-1029, CVE-2010-1126, CVE-2010-1233, CVE-2010-1236, CVE-2010-1386, CVE-2010-1387, CVE-2010-1388, CVE-2010-1389, CVE-2010-1390, CVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1406, CVE-2010-1407, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1413, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1729, CVE-2010-1749, CVE-2010-1757, CVE-2010-1758, CVE-2010-1759, CVE-2010-1760, CVE-2010-1761, CVE-2010-1762, CVE-2010-1763, CVE-2010-1764, CVE-2010-1766, CVE-2010-1767, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1772, CVE-2010-1773, CVE-2010-1774, CVE-2010-1780, CVE-2010-1781, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791, CVE-2010-1792, CVE-2010-1793, CVE-2010-1807, CVE-2010-1812, CVE-2010-1813, CVE-2010-1814, CVE-2010-1815, CVE-2010-1822, CVE-2010-1823, CVE-2010-1824, CVE-2010-1825, CVE-2010-2264, CVE-2010-2295, CVE-2010-2297, CVE-2010-2300, CVE-2010-2301, CVE-2010-2302, CVE-2010-2441, CVE-2010-3116, CVE-2010-3257, CVE-2010-3259, CVE-2010-3312, CVE-2010-3803, CVE-2010-3804, CVE-2010-3805, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3816, CVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820, CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824, CVE-2010-3826, CVE-2010-3829, CVE-2010-3900, CVE-2010-4040
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75629
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75629
    title openSUSE Security Update : libwebkit (openSUSE-SU-2011:0024-1)
  • NASL family Windows
    NASL id ITUNES_9_2.NASL
    description The version of Apple iTunes installed on the remote Windows host is older than 9.2. As such, it may be affected by multiple vulnerabilities : - A heap-based buffer overflow in the handling of images with an embedded ColorSync profile may lead to an application crash or arbitrary code execution. (CVE-2009-1726) - Multiple integer overflows in ImageIO's handling of TIFF files may lead to an application crash or arbitrary code execution. (CVE-2010-1411) - Multiple vulnerabilities WebKit may have a variety of effects, including arbitrary code execution. (CVE-2010-0544, CVE-2010-1119, CVE-2010-1387, CVE-2010-1390, CVE-2010-1392, CVE-2010-1393, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1749, CVE-2010-1758, CVE-2010-1759, CVE-2010-1761, CVE-2010-1763, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1774)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 47037
    published 2010-06-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47037
    title Apple iTunes < 9.2 Multiple Vulnerabilities (credentialed check)
  • NASL family Peer-To-Peer File Sharing
    NASL id ITUNES_9_2_BANNER.NASL
    description The version of Apple iTunes on the remote host is prior to version 9.2. It is, therefore, affected by multiple vulnerabilities : - A heap-based buffer overflow vulnerability exists in the handling of images with an embedded ColorSync profile. By using a specially crafted image, a remote attacker can exploit this to cause a denial of service or execute arbitrary code. (CVE-2009-1726) - Multiple integer overflow vulnerabilities exist in ImageIO's handling of TIFF files. By using a specially crafted TIFF file, a remote attacker can exploit these to cause a denial of service or execute arbitrary code. (CVE-2010-1411) - The WebKit component contains multiple vulnerabilities that can be exploited, including the execution of arbitrary code. (CVE-2010-0544, CVE-2010-1119, CVE-2010-1387, CVE-2010-1390, CVE-2010-1392, CVE-2010-1393, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1749, CVE-2010-1758, CVE-2010-1759, CVE-2010-1761, CVE-2010-1763, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1774)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 47038
    published 2010-06-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47038
    title Apple iTunes < 9.2 Multiple Vulnerabilities (uncredentialed check)
oval via4
accepted 2015-06-22T04:00:48.725-04:00
class vulnerability
contributors
  • name SecPod Team
    organization SecPod Technologies
  • name Scott Quint
    organization Quintechssential
  • name Pooja Shetty
    organization SecPod Technologies
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Shane Shaffer
    organization G2, Inc.
  • name Bernd Eggenmueller
    organization baramundi software
definition_extensions
comment Apple iTunes is installed
oval oval:org.mitre.oval:def:12353
description WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a different vulnerability than CVE-2010-1387 and CVE-2010-1763.
family windows
id oval:org.mitre.oval:def:7178
status accepted
submitted 2010-09-23T02:48:16
title Apple iTunes Crafted itpc: URL Buffer Overflow Vulnerability
version 14
refmap via4
apple
  • APPLE-SA-2010-06-16-1
  • APPLE-SA-2010-06-21-1
bid 41016
confirm
sectrack 1024108
secunia
  • 40196
  • 43068
suse SUSE-SR:2011:002
vupen
  • ADV-2010-1512
  • ADV-2011-0212
xf itunes-webkit-unspecified-var3(59508)
Last major update 18-07-2011 - 22:37
Published 18-06-2010 - 12:30
Last modified 18-09-2017 - 21:30
Back to Top