- Home
- CVEs with nessus.description==The version of Apple iTunes installed on the remote Windows host is older than 9.1. Such versions may be affected by multiple vulnerabilities :
- A buffer underflow in ImageIO's handling of TIFF images may lead to an application crash or arbitrary code execution. (CVE-2009-2285)
- An integer overflow in the applications's handling of images with an embedded color profile may lead to an application crash or arbitrary code execution.
(CVE-2010-0040)
- An uninitialized memory access issue in ImageIO's handling of BMP images may result in sending data from Safari's memory to a website under an attacker's control. (CVE-2010-0041)
- An uninitialized memory access issue in ImageIO's handling of TIFF images may result in sending data from Safari's memory to a website under an attacker's control. (CVE-2010-0042)
- A memory corruption issue in the application's handling of TIFF images may lead to an application crash or arbitrary code execution. (CVE-2010-0043)
- A race condition during the installation process may allow a local user modify a file that is then executed with SYSTEM privileges. (CVE-2010-0532)
- A path searching issue may allow code execution if an attacker can place a specially crafted DLL in a directory and have a user open another file using iTunes in that directory. (CVE-2010-1795)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top