VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 12, 2012· Updated Apr 29, 2026

CVE-2012-0677

CVE-2012-0677

Description

Heap-based buffer overflow in Apple iTunes before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .m3u playlist.

Affected products

21
  • Apple Inc./iTunes21 versions
    cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*+ 20 more
    • cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*range: <=10.6.1
    • cpe:2.3:a:apple:itunes:10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.2.2.12:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.3:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.4:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.4.0.80:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.4.1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.5:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.5.1.42:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:apple:itunes:10.6:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.