fkie_cve-2010-1795
Vulnerability from fkie_nvd
Published
2010-08-20 20:00
Modified
2025-04-11 00:51
Severity ?
Summary
Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:itunes:1.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "EEEFF5EC-A455-4B11-9B22-1E79DE3EC45E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:1.1.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "5C697C09-C952-4A8F-A1AE-06F423AE7D5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:1.1.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "46297466-0506-4767-B49F-9914ACDB2A5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:2.0.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "00598334-E6E2-4D14-9B75-F6384DAC5288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:2.0.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "60639271-2C1D-41BD-BEA4-8D1CDAB9E224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:2.0.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "C9A3F04A-2FC3-48F2-B7C3-A159CB14D3F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:2.0.3:-:windows:*:*:*:*:*",
"matchCriteriaId": "A4F5B268-399F-4CEC-9996-01BD55841141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:2.0.4:-:windows:*:*:*:*:*",
"matchCriteriaId": "28C2D685-7064-4F75-9100-21212557933A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:3.0.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "87DADBB9-FCB8-4970-9B36-B52BB253DEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:3.0.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "49DC6060-C598-4DA3-AC7A-912840492B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.0.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "262CAFD7-07C2-4C71-B2FC-165A88977881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.0.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "3CA9634F-A553-4B72-BBA2-AD7EAE4DFA81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.1.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "E91D9ACF-2595-4A9A-B581-46F177300B7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.2.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "2320B809-DE44-49AA-9C96-196BF39749C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.5.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "FD00E684-506B-4ED6-B48C-7D565CDA188C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.6.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "28519DE2-61CA-4943-9247-9F6BCB0367DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.7.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "822F3D7E-810F-41B9-823F-D0B54BD1A3B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.7.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "359C82A7-F6FB-4140-BD11-2B38B323933A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.8.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "E9B16D5E-9EF4-4253-8E07-75C8E5E0E33E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.9.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "CA2B6657-6E0F-4915-ACB9-219F76D8E38A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:5.0.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "10A63976-A435-4F6C-8B09-3001CA3EDC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:5.0.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "B97DF98E-792B-474E-8820-DF88C4B28A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:6.0.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "97558F66-FA78-454B-B25C-DA2A39CA1A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:6.0.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "B3F084A8-A293-4151-80F6-72C14582E31F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:6.0.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "7426FDD0-F909-48AB-97C9-C4B25C05E6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:6.0.3:-:windows:*:*:*:*:*",
"matchCriteriaId": "372C1609-E534-41E0-87CD-C654BBF0B88F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:6.0.4:-:windows:*:*:*:*:*",
"matchCriteriaId": "03FCF3E7-0649-43B7-90C8-521E90079156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:6.0.4.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "AA515EB9-7BF3-4B2E-800F-F50FFD2E4E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:6.0.5:-:windows:*:*:*:*:*",
"matchCriteriaId": "407AD48A-EA07-456F-B46B-24383E416A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.0.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "C5B51908-CB81-492D-A437-D0508ABE05FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.0.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "0E826E91-CBBF-48D8-A4AD-7FB6830F3769",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.0.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "066FC8C7-5A0B-4B2E-A51E-BFB42153FD21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.1.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "0D2412E1-745B-4CFC-B075-1960A1410335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.1.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "45F36172-97A7-4767-BC9E-8DC0444A8635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.2.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "D0D889C7-320C-4674-834F-93C8B1701EAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.3.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "23B4660B-D22B-4AC5-B6F2-87F83A2251A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.3.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "7F61B45F-86CA-43F6-BA12-62AB0FBAD352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.3.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "9F7D1E31-E28F-4EAD-AAE5-01AE478003B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.4.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "91FB2868-DDF9-4D33-B78C-2A5180F9D260",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.4.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "AEEC5C0E-DDC5-4B28-8C04-DF69C152E1AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.4.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "2F688163-C543-4D58-BF71-DF50FFB0A112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.4.3:-:windows:*:*:*:*:*",
"matchCriteriaId": "8B5044B7-144C-4850-9598-FC90248645EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.5.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "0C0CB6DE-46C4-4F9D-B8FD-47C01922D2D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.6.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "040B2DB5-8F7D-4272-A0D1-2872B289B125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.6.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "1A957B0E-9A86-40D4-8A39-01895C32838A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.6.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "0B7DBB76-5A86-42A3-8A0A-19D616357619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.7.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "BC16747F-9F32-4186-9824-487163276EEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.7.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "F2043A3A-3578-42D8-AF54-7C8073CA0DB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:8.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "8524DF4C-9607-42A9-92DF-815F501C2133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:8.0.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "17517493-027E-4844-85DD-D8ABCDEB1BBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:8.0.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "5A653FFB-16BF-439D-A03A-1C9FB6B6AB16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:8.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "891B1042-2F02-4D3A-9F2E-2567B2C0A63C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:8.1.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "36690CCC-AA84-4328-9BA5-F26556B1EBE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:8.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "9CAB77AB-531A-43DD-8353-598941AC4128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:8.2.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "031526F9-4D73-4D0D-90A1-ED6D6B3CA467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:9.0.0:-:windows:*:*:*:*:*",
"matchCriteriaId": "F517459A-E3CD-4BBC-A38B-C83B0E761939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:9.0.1:-:windows:*:*:*:*:*",
"matchCriteriaId": "F3A1B79A-D89C-416B-9AC6-17E2DC543FDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:9.0.2:-:windows:*:*:*:*:*",
"matchCriteriaId": "90B7F3C0-3266-4611-92D9-E39CD6970641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:9.0.3:-:windows:*:*:*:*:*",
"matchCriteriaId": "29D70813-38DE-415F-A2C6-08C867B2D726",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory."
},
{
"lang": "es",
"value": "Vulnerabilidad de ruta de b\u00fasqueda no confiable en Apple iTunes anterior a v9.1, cuando se ejecuta en Windows 7, Vista, y XP, permite a atacantes obtener privilegios a trav\u00e9s de una DDL que es un troyano en el directorio actual de trabajo."
}
],
"id": "CVE-2010-1795",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-08-20T20:00:02.467",
"references": [
{
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4105"
},
{
"source": "product-security@apple.com",
"url": "http://www.acrossecurity.com/aspr/ASPR-2010-08-18-1-PUB.txt"
},
{
"source": "product-security@apple.com",
"url": "http://www.securityfocus.com/archive/1/513190/100/0/threaded"
},
{
"source": "product-security@apple.com",
"url": "http://www.securityfocus.com/bid/42541"
},
{
"source": "product-security@apple.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61223"
},
{
"source": "product-security@apple.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.acrossecurity.com/aspr/ASPR-2010-08-18-1-PUB.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/513190/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/42541"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7217"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…