ID CVE-2010-1768
Summary Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch.
References
Vulnerable Configurations
  • cpe:2.3:a:apple:itunes:1.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:1.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:1.1.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:1.1.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:1.1.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:1.1.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:1.1.2:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:1.1.2:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:2.0.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:2.0.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:2.0.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:2.0.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:2.0.2:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:2.0.2:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:2.0.3:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:2.0.3:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:2.0.4:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:2.0.4:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:3.0.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:3.0.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:3.0.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:3.0.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:4.0.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:4.0.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:4.0.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:4.0.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:4.1.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:4.1.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:4.2.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:4.2.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:4.5.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:4.5.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:4.6.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:4.6.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:4.7.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:4.7.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:4.7.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:4.7.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:4.8.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:4.8.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:4.9.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:4.9.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:5.0.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:5.0.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:5.0.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:5.0.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:6.0.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:6.0.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:6.0.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:6.0.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:6.0.2:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:6.0.2:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:6.0.3:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:6.0.3:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:6.0.4:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:6.0.4:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:6.0.4.2:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:6.0.4.2:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:6.0.5:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:6.0.5:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.0.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.0.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.0.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.0.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.0.2:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.0.2:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.1.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.1.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.1.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.1.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.2.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.2.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.3.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.3.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.3.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.3.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.3.2:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.3.2:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.4.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.4.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.4.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.4.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.4.2:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.4.2:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.4.3:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.4.3:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.5.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.5.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.6.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.6.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.6.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.6.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.6.2:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.6.2:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.7.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.7.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:7.7.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:7.7.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:8.0.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:8.0.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:8.0.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:8.0.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:8.0.2:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:8.0.2:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:8.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:8.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:8.1.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:8.1.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:8.2:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:8.2:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:8.2.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:8.2.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:9.0.0:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:9.0.0:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:9.0.1:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:9.0.1:-:mac:*:*:*:*:*
  • cpe:2.3:a:apple:itunes:9.0.2:-:mac:*:*:*:*:*
    cpe:2.3:a:apple:itunes:9.0.2:-:mac:*:*:*:*:*
CVSS
Base: 6.9 (as of 19-09-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:C/I:C/A:C
oval via4
accepted 2015-06-22T04:00:50.025-04:00
class vulnerability
contributors
  • name SecPod Team
    organization SecPod Technologies
  • name Scott Quint
    organization Quintechssential
  • name Pooja Shetty
    organization SecPod Technologies
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Shane Shaffer
    organization G2, Inc.
  • name Bernd Eggenmueller
    organization baramundi software
definition_extensions
comment Apple iTunes is installed
oval oval:org.mitre.oval:def:12353
description Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch.
family windows
id oval:org.mitre.oval:def:7604
status accepted
submitted 2010-09-23T02:48:16
title Apple iTunes Log File Insecure File Operation Local Privilege Escalation Vulnerability
version 14
refmap via4
bid 42538
confirm http://support.apple.com/kb/HT4105
xf itunes-operations-privilege-escalation(61222)
Last major update 19-09-2017 - 01:30
Published 20-08-2010 - 20:00
Last modified 19-09-2017 - 01:30
Back to Top