CVE-2011-0192
Vulnerability from cvelistv5
Published
2011-03-03 19:00
Modified
2024-08-06 21:43
Severity ?
Summary
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information.
References
product-security@apple.comhttp://blackberry.com/btsc/KB27244
product-security@apple.comhttp://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
product-security@apple.comhttp://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
product-security@apple.comhttp://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
product-security@apple.comhttp://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
product-security@apple.comhttp://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
product-security@apple.comhttp://lists.apple.com/archives/security-announce/2011/Mar/msg00000.htmlPatch, Vendor Advisory
product-security@apple.comhttp://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
product-security@apple.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html
product-security@apple.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html
product-security@apple.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html
product-security@apple.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html
product-security@apple.comhttp://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
product-security@apple.comhttp://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
product-security@apple.comhttp://secunia.com/advisories/43585
product-security@apple.comhttp://secunia.com/advisories/43593
product-security@apple.comhttp://secunia.com/advisories/43664
product-security@apple.comhttp://secunia.com/advisories/43934
product-security@apple.comhttp://secunia.com/advisories/44117
product-security@apple.comhttp://secunia.com/advisories/44135
product-security@apple.comhttp://secunia.com/advisories/50726
product-security@apple.comhttp://security.gentoo.org/glsa/glsa-201209-02.xml
product-security@apple.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820
product-security@apple.comhttp://support.apple.com/kb/HT4554Vendor Advisory
product-security@apple.comhttp://support.apple.com/kb/HT4564
product-security@apple.comhttp://support.apple.com/kb/HT4565
product-security@apple.comhttp://support.apple.com/kb/HT4566
product-security@apple.comhttp://support.apple.com/kb/HT4581
product-security@apple.comhttp://support.apple.com/kb/HT4999
product-security@apple.comhttp://support.apple.com/kb/HT5001
product-security@apple.comhttp://www.debian.org/security/2011/dsa-2210
product-security@apple.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:043
product-security@apple.comhttp://www.redhat.com/support/errata/RHSA-2011-0318.html
product-security@apple.comhttp://www.securityfocus.com/bid/46658
product-security@apple.comhttp://www.securitytracker.com/id?1025153
product-security@apple.comhttp://www.vupen.com/english/advisories/2011/0551
product-security@apple.comhttp://www.vupen.com/english/advisories/2011/0599
product-security@apple.comhttp://www.vupen.com/english/advisories/2011/0621
product-security@apple.comhttp://www.vupen.com/english/advisories/2011/0845
product-security@apple.comhttp://www.vupen.com/english/advisories/2011/0905
product-security@apple.comhttp://www.vupen.com/english/advisories/2011/0930
product-security@apple.comhttp://www.vupen.com/english/advisories/2011/0960
product-security@apple.comhttps://bugzilla.redhat.com/show_bug.cgi?id=678635
af854a3a-2127-422b-91ae-364da2661108http://blackberry.com/btsc/KB27244
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43585
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43593
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43664
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43934
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/44117
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/44135
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/50726
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201209-02.xml
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT4554Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT4564
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT4565
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT4566
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT4581
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT4999
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT5001
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2011/dsa-2210
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:043
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2011-0318.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/46658
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1025153
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0551
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0599
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0621
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0845
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0905
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0930
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0960
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=678635
Impacted products
Vendor Product Version
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T21:43:15.366Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "ADV-2011-0845",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2011/0845",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.apple.com/kb/HT4564",
               },
               {
                  name: "SUSE-SR:2011:009",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.apple.com/kb/HT4565",
               },
               {
                  name: "ADV-2011-0599",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2011/0599",
               },
               {
                  name: "SSA:2011-098-01",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SLACKWARE",
                     "x_transferred",
                  ],
                  url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820",
               },
               {
                  name: "46658",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/46658",
               },
               {
                  name: "APPLE-SA-2011-10-12-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_APPLE",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html",
               },
               {
                  name: "43934",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/43934",
               },
               {
                  name: "FEDORA-2011-2498",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.apple.com/kb/HT4566",
               },
               {
                  name: "FEDORA-2011-3836",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html",
               },
               {
                  name: "ADV-2011-0621",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2011/0621",
               },
               {
                  name: "ADV-2011-0905",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2011/0905",
               },
               {
                  name: "DSA-2210",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2011/dsa-2210",
               },
               {
                  name: "APPLE-SA-2011-03-21-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_APPLE",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html",
               },
               {
                  name: "SUSE-SR:2011:005",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://blackberry.com/btsc/KB27244",
               },
               {
                  name: "RHSA-2011:0318",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2011-0318.html",
               },
               {
                  name: "APPLE-SA-2011-03-02-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_APPLE",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html",
               },
               {
                  name: "43664",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/43664",
               },
               {
                  name: "ADV-2011-0551",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2011/0551",
               },
               {
                  name: "GLSA-201209-02",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "http://security.gentoo.org/glsa/glsa-201209-02.xml",
               },
               {
                  name: "APPLE-SA-2011-03-09-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_APPLE",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html",
               },
               {
                  name: "ADV-2011-0930",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2011/0930",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.apple.com/kb/HT4999",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=678635",
               },
               {
                  name: "1025153",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id?1025153",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.apple.com/kb/HT5001",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.apple.com/kb/HT4554",
               },
               {
                  name: "APPLE-SA-2011-03-09-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_APPLE",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html",
               },
               {
                  name: "44135",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/44135",
               },
               {
                  name: "ADV-2011-0960",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2011/0960",
               },
               {
                  name: "43585",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/43585",
               },
               {
                  name: "APPLE-SA-2011-03-09-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_APPLE",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html",
               },
               {
                  name: "44117",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/44117",
               },
               {
                  name: "APPLE-SA-2011-10-12-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_APPLE",
                     "x_transferred",
                  ],
                  url: "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html",
               },
               {
                  name: "MDVSA-2011:043",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043",
               },
               {
                  name: "43593",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/43593",
               },
               {
                  name: "FEDORA-2011-3827",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html",
               },
               {
                  name: "FEDORA-2011-2540",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html",
               },
               {
                  name: "50726",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/50726",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://support.apple.com/kb/HT4581",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2011-03-02T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2014-02-10T16:57:01",
            orgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
            shortName: "apple",
         },
         references: [
            {
               name: "ADV-2011-0845",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2011/0845",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.apple.com/kb/HT4564",
            },
            {
               name: "SUSE-SR:2011:009",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.apple.com/kb/HT4565",
            },
            {
               name: "ADV-2011-0599",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2011/0599",
            },
            {
               name: "SSA:2011-098-01",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
               ],
               url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820",
            },
            {
               name: "46658",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/46658",
            },
            {
               name: "APPLE-SA-2011-10-12-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_APPLE",
               ],
               url: "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html",
            },
            {
               name: "43934",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/43934",
            },
            {
               name: "FEDORA-2011-2498",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.apple.com/kb/HT4566",
            },
            {
               name: "FEDORA-2011-3836",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html",
            },
            {
               name: "ADV-2011-0621",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2011/0621",
            },
            {
               name: "ADV-2011-0905",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2011/0905",
            },
            {
               name: "DSA-2210",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2011/dsa-2210",
            },
            {
               name: "APPLE-SA-2011-03-21-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_APPLE",
               ],
               url: "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html",
            },
            {
               name: "SUSE-SR:2011:005",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://blackberry.com/btsc/KB27244",
            },
            {
               name: "RHSA-2011:0318",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2011-0318.html",
            },
            {
               name: "APPLE-SA-2011-03-02-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_APPLE",
               ],
               url: "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html",
            },
            {
               name: "43664",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/43664",
            },
            {
               name: "ADV-2011-0551",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2011/0551",
            },
            {
               name: "GLSA-201209-02",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "http://security.gentoo.org/glsa/glsa-201209-02.xml",
            },
            {
               name: "APPLE-SA-2011-03-09-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_APPLE",
               ],
               url: "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html",
            },
            {
               name: "ADV-2011-0930",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2011/0930",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.apple.com/kb/HT4999",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=678635",
            },
            {
               name: "1025153",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id?1025153",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.apple.com/kb/HT5001",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.apple.com/kb/HT4554",
            },
            {
               name: "APPLE-SA-2011-03-09-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_APPLE",
               ],
               url: "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html",
            },
            {
               name: "44135",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/44135",
            },
            {
               name: "ADV-2011-0960",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2011/0960",
            },
            {
               name: "43585",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/43585",
            },
            {
               name: "APPLE-SA-2011-03-09-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_APPLE",
               ],
               url: "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html",
            },
            {
               name: "44117",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/44117",
            },
            {
               name: "APPLE-SA-2011-10-12-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_APPLE",
               ],
               url: "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html",
            },
            {
               name: "MDVSA-2011:043",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043",
            },
            {
               name: "43593",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/43593",
            },
            {
               name: "FEDORA-2011-3827",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html",
            },
            {
               name: "FEDORA-2011-2540",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html",
            },
            {
               name: "50726",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/50726",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://support.apple.com/kb/HT4581",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "product-security@apple.com",
               ID: "CVE-2011-0192",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "ADV-2011-0845",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2011/0845",
                  },
                  {
                     name: "http://support.apple.com/kb/HT4564",
                     refsource: "CONFIRM",
                     url: "http://support.apple.com/kb/HT4564",
                  },
                  {
                     name: "SUSE-SR:2011:009",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html",
                  },
                  {
                     name: "http://support.apple.com/kb/HT4565",
                     refsource: "CONFIRM",
                     url: "http://support.apple.com/kb/HT4565",
                  },
                  {
                     name: "ADV-2011-0599",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2011/0599",
                  },
                  {
                     name: "SSA:2011-098-01",
                     refsource: "SLACKWARE",
                     url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820",
                  },
                  {
                     name: "46658",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/46658",
                  },
                  {
                     name: "APPLE-SA-2011-10-12-1",
                     refsource: "APPLE",
                     url: "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html",
                  },
                  {
                     name: "43934",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/43934",
                  },
                  {
                     name: "FEDORA-2011-2498",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html",
                  },
                  {
                     name: "http://support.apple.com/kb/HT4566",
                     refsource: "CONFIRM",
                     url: "http://support.apple.com/kb/HT4566",
                  },
                  {
                     name: "FEDORA-2011-3836",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html",
                  },
                  {
                     name: "ADV-2011-0621",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2011/0621",
                  },
                  {
                     name: "ADV-2011-0905",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2011/0905",
                  },
                  {
                     name: "DSA-2210",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2011/dsa-2210",
                  },
                  {
                     name: "APPLE-SA-2011-03-21-1",
                     refsource: "APPLE",
                     url: "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html",
                  },
                  {
                     name: "SUSE-SR:2011:005",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html",
                  },
                  {
                     name: "http://blackberry.com/btsc/KB27244",
                     refsource: "CONFIRM",
                     url: "http://blackberry.com/btsc/KB27244",
                  },
                  {
                     name: "RHSA-2011:0318",
                     refsource: "REDHAT",
                     url: "http://www.redhat.com/support/errata/RHSA-2011-0318.html",
                  },
                  {
                     name: "APPLE-SA-2011-03-02-1",
                     refsource: "APPLE",
                     url: "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html",
                  },
                  {
                     name: "43664",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/43664",
                  },
                  {
                     name: "ADV-2011-0551",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2011/0551",
                  },
                  {
                     name: "GLSA-201209-02",
                     refsource: "GENTOO",
                     url: "http://security.gentoo.org/glsa/glsa-201209-02.xml",
                  },
                  {
                     name: "APPLE-SA-2011-03-09-1",
                     refsource: "APPLE",
                     url: "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html",
                  },
                  {
                     name: "ADV-2011-0930",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2011/0930",
                  },
                  {
                     name: "http://support.apple.com/kb/HT4999",
                     refsource: "CONFIRM",
                     url: "http://support.apple.com/kb/HT4999",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=678635",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=678635",
                  },
                  {
                     name: "1025153",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id?1025153",
                  },
                  {
                     name: "http://support.apple.com/kb/HT5001",
                     refsource: "CONFIRM",
                     url: "http://support.apple.com/kb/HT5001",
                  },
                  {
                     name: "http://support.apple.com/kb/HT4554",
                     refsource: "CONFIRM",
                     url: "http://support.apple.com/kb/HT4554",
                  },
                  {
                     name: "APPLE-SA-2011-03-09-2",
                     refsource: "APPLE",
                     url: "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html",
                  },
                  {
                     name: "44135",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/44135",
                  },
                  {
                     name: "ADV-2011-0960",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2011/0960",
                  },
                  {
                     name: "43585",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/43585",
                  },
                  {
                     name: "APPLE-SA-2011-03-09-3",
                     refsource: "APPLE",
                     url: "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html",
                  },
                  {
                     name: "44117",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/44117",
                  },
                  {
                     name: "APPLE-SA-2011-10-12-2",
                     refsource: "APPLE",
                     url: "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html",
                  },
                  {
                     name: "MDVSA-2011:043",
                     refsource: "MANDRIVA",
                     url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043",
                  },
                  {
                     name: "43593",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/43593",
                  },
                  {
                     name: "FEDORA-2011-3827",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html",
                  },
                  {
                     name: "FEDORA-2011-2540",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html",
                  },
                  {
                     name: "50726",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/50726",
                  },
                  {
                     name: "http://support.apple.com/kb/HT4581",
                     refsource: "CONFIRM",
                     url: "http://support.apple.com/kb/HT4581",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "286789f9-fbc2-4510-9f9a-43facdede74c",
      assignerShortName: "apple",
      cveId: "CVE-2011-0192",
      datePublished: "2011-03-03T19:00:00",
      dateReserved: "2010-12-23T00:00:00",
      dateUpdated: "2024-08-06T21:43:15.366Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2011-0192\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2011-03-03T20:00:02.643\",\"lastModified\":\"2024-11-21T01:23:30.773\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de búfer en LibTIFF en ImageIO en iTunes de Apple antesrior a v10.2 en Windows permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (solicitud de bloqueo) a través de una imagen TIFF manipulada con CCITT Grupo 4 de codificación.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.1.2\",\"matchCriteriaId\":\"E40F7857-8F3F-4707-B3AA-A12C0731BB83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CBD58D1-C40D-4F6D-816F-A3842897EB05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C910CA4-5EA5-4507-BDE9-3E6C1434B666\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0415D4B8-0281-4ED5-B3A1-A97BDD0F8D36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1B4195D-1550-42D1-B562-0E438F7ACC2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4B6A66A-AC5F-48E0-ABCE-68828207B106\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1206A192-A22C-4C55-A323-1D28D89BED21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"071BFB1F-402B-4D8C-8155-671792AEDB81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52E156DE-12B4-4E7A-B8C4-C2FC0AC2B2C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCBA60E9-C5B5-4B4C-9FA3-7FE0F3F6871C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93748DFC-6003-4BED-87F9-98713F6897EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFB9D7E1-B715-4A93-9CDB-99A89C7D85B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A8873F1-4792-41A1-83B5-B85C9F4A7D56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB84AFE4-2694-475A-80D3-4D50C524EE18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB20AA2E-5DF0-420C-A1FE-BB6EBA9649FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B48FDD0A-6DE5-44DD-B144-32B91DB26C7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8343D87F-FA37-4225-B27D-BCCDD2433C31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B591AE1E-02DB-462A-B71F-48947525D232\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34B5892B-0377-4D81-9E0E-94B8D8CE72C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2276BED4-82F0-4F62-AA6F-7E1667F28E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45D47548-1C4D-4368-99D1-929905DD6B3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28AE8D2D-63CA-4091-9D59-CE919EB1FD75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC9E22D2-551A-4CDF-B9F0-C45A3A2B7695\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:6.0.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52A433A5-3EFF-405D-8285-97EC88857968\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:6.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D62A1C5D-C25E-4E56-8FD0-F90C8E39C7F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"582D1FE8-C4E8-4385-B4EB-34320F019E43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF61CE34-5130-4B1A-B7A2-B28C1A18B9BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FEE6DEC-9B26-47F4-A2CF-CA49981C8864\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2223B8E2-346A-4C37-9F6C-879F9CA64C06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93E5227C-0621-43EE-A0F2-4B4545D71852\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB69B123-7A09-4855-9846-E8ACACB3C6F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0CC53F2-3827-4CA3-8726-C481B57B4AB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C1AFF8F-BBCA-4C93-A401-F8B478327BFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BA3571F-9221-45CD-9798-CC72CA428D6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"129ABCA4-FBF6-41B8-BF6B-65467D56D297\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"017E5A35-D778-46FD-A536-E57A13162675\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6122C685-4F02-476F-9A41-9C62D3D92651\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17D37426-00A0-40E5-A27A-CF31D8CBAEEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E11CADC-AFCC-4A98-9271-C35BC9752B40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11F1530E-9E63-4A39-9056-3A946A34B650\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3856A348-A0D6-4A0A-A8C9-D369CC863A97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29E92D8D-68AB-4FC4-A37A-D6D48829B58D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"670656BF-2BE2-41ED-854A-466DC4068FBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDE7F79F-54F5-4315-98BD-414CA2D1C51E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBBF2E9F-0F37-4DDA-9704-B31D94745257\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBA5AB05-ADF6-4B5D-A4FD-9C149EC4577F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1143A4DE-F75B-4396-9D01-CE14EF8FCB39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDF87AB4-B3F3-4774-8CE3-A2B46C3D8DC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A02D076B-5900-401D-9B47-5136B9CEAA15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:8.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E479501-8832-41B0-A63C-360AE5A1B420\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:8.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8961EDA-B567-4D92-8DBC-F887712F3BD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A60A3349-DE6E-4381-81C0-E682B791ED61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EF2759C-6F94-4769-8EB2-16947C05CBB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0F53FF4-8A15-475C-9FF6-54073A3F1B08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80AFD7E5-A66F-4E43-BC34-EB6BF59186D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:9.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E41B2E2A-CE22-49FD-9558-0E6C87F53425\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:9.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1950796-DA96-4443-85F4-91FE38A26612\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:9.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5EBED9A-DCF4-47FE-9A6D-4573594AA645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:9.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F7EA3F3-576C-4661-B35F-EC34CE363125\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C3A6055-2626-4A6E-9596-9974E7437FB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:9.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00AF4F28-A71C-4CB3-8F5F-C15500332954\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5817849-ADD0-4905-87D5-4D61DB635747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:10.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96E90253-3F7D-4361-819B-5D49657F4472\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84336EBA-5EC0-4C49-B1B9-9DAB23D5C3C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:10.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CDE68E5-744B-4E18-BB74-83D7185E6A57\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D56B932B-9593-44E2-B610-E4EB2143EB21\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3852BB02-47A1-40B3-8E32-8D8891A53114\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C162FFF0-1E8F-4DCF-A08F-6C6E324ED878\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A0D2704-C058-420B-B368-372D1129E914\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B339C33-8896-4896-88FF-88E74FDBC543\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE477A73-4EE4-41E9-8694-5A3D5DC88656\"}]}]}],\"references\":[{\"url\":\"http://blackberry.com/btsc/KB27244\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://secunia.com/advisories/43585\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://secunia.com/advisories/43593\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://secunia.com/advisories/43664\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://secunia.com/advisories/43934\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://secunia.com/advisories/44117\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://secunia.com/advisories/44135\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://secunia.com/advisories/50726\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201209-02.xml\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4554\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4564\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4565\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4566\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4581\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4999\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT5001\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.debian.org/security/2011/dsa-2210\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:043\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0318.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.securityfocus.com/bid/46658\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.securitytracker.com/id?1025153\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0551\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0599\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0621\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0845\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0905\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0930\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0960\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=678635\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://blackberry.com/btsc/KB27244\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/43585\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/43593\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/43664\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/43934\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/44117\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/44135\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/50726\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201209-02.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT4554\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4564\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT4565\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT4566\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT4581\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT4999\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.apple.com/kb/HT5001\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2011/dsa-2210\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:043\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0318.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/46658\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1025153\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0551\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0599\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0621\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0845\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0905\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0930\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0960\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=678635\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.