Unrated severityNVD Advisory· Published Sep 19, 2013· Updated Apr 29, 2026
CVE-2013-1035
CVE-2013-1035
Description
The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
Affected products
6cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*range: <=11.0.5
- cpe:2.3:a:apple:itunes:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:11.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:11.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:11.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:apple:itunes:11.0.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- lists.apple.com/archives/security-announce/2013/Sep/msg00005.htmlnvdPatchVendor Advisory
- support.apple.com/kb/HT5936nvdVendor Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18997nvd
News mentions
0No linked articles in our index yet.