Unrated severityNVD Advisory· Published Sep 11, 2008· Updated Apr 23, 2026

CVE-2008-3634

Description

Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information.

Affected products

Apple Inc./iTunes44 versions
cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*+ 43 more
- cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:4.2.72:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:4.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:4.6:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:4.7:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:4.7.1.30:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:4.8:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:4.9:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:6.0.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:7.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:7.4:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:7.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:7.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:7.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:7.6:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:7.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:7.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:7.7:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.apple.com/archives/security-announce//2008/Sep/msg00001.htmlnvdPatchVendor Advisory
www.securityfocus.com/bid/31090nvdPatch
securitytracker.com/idnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000