iTunes
by Apple Inc.
CVEs (625)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-3971 | 0.00 | — | 0.02 | Feb 9, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events. | |||
| CVE-2011-3969 | 0.00 | — | 0.02 | Feb 9, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents. | |||
| CVE-2011-3968 | 0.00 | — | 0.01 | Feb 9, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences. | |||
| CVE-2011-3966 | 0.00 | — | 0.02 | Feb 9, 2012 | Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data. | |||
| CVE-2011-3958 | 0.00 | — | 0.02 | Feb 9, 2012 | Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document. | |||
| CVE-2011-3926 | 0.00 | — | 0.02 | Jan 24, 2012 | Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2011-3924 | 0.00 | — | 0.02 | Jan 24, 2012 | Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections. | |||
| CVE-2011-3913 | 0.00 | — | 0.02 | Dec 13, 2011 | Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling. | |||
| CVE-2011-3909 | 0.00 | — | 0.02 | Dec 13, 2011 | The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors. | |||
| CVE-2011-3908 | 0.00 | — | 0.02 | Dec 13, 2011 | Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2011-3897 | 0.00 | — | 0.02 | Nov 11, 2011 | Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing. | |||
| CVE-2011-3888 | 0.00 | — | 0.02 | Oct 25, 2011 | Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in. | |||
| CVE-2011-3885 | 0.00 | — | 0.02 | Oct 25, 2011 | Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading Style Sheets (CSS) token-sequence data. | |||
| CVE-2011-3252 | 0.00 | — | 0.06 | Oct 12, 2011 | Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Advanced Audio Coding (AAC) stream. | |||
| CVE-2011-3244 | 0.00 | — | 0.03 | Oct 12, 2011 | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in… | |||
| CVE-2011-3241 | 0.00 | — | 0.02 | Oct 12, 2011 | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in… | |||
| CVE-2011-3239 | 0.00 | — | 0.02 | Oct 12, 2011 | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in… | |||
| CVE-2011-3238 | 0.00 | — | 0.03 | Oct 12, 2011 | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in… | |||
| CVE-2011-3237 | 0.00 | — | 0.03 | Oct 12, 2011 | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in… | |||
| CVE-2011-3236 | 0.00 | — | 0.03 | Oct 12, 2011 | WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in… |
- CVE-2011-3971Feb 9, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to mousemove events.
- CVE-2011-3969Feb 9, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout of SVG documents.
- CVE-2011-3968Feb 9, 2012risk 0.00cvss —epss 0.01
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving Cascading Style Sheets (CSS) token sequences.
- CVE-2011-3966Feb 9, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 17.0.963.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to error handling for Cascading Style Sheets (CSS) token-sequence data.
- CVE-2011-3958Feb 9, 2012risk 0.00cvss —epss 0.02
Google Chrome before 17.0.963.46 does not properly perform casts of variables during handling of a column span, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.
- CVE-2011-3926Jan 24, 2012risk 0.00cvss —epss 0.02
Heap-based buffer overflow in the tree builder in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- CVE-2011-3924Jan 24, 2012risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections.
- CVE-2011-3913Dec 13, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 16.0.912.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to Range handling.
- CVE-2011-3909Dec 13, 2011risk 0.00cvss —epss 0.02
The Cascading Style Sheets (CSS) implementation in Google Chrome before 16.0.912.63 on 64-bit platforms does not properly manage property arrays, which allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors.
- CVE-2011-3908Dec 13, 2011risk 0.00cvss —epss 0.02
Google Chrome before 16.0.912.63 does not properly parse SVG documents, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
- CVE-2011-3897Nov 11, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 15.0.874.120 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing.
- CVE-2011-3888Oct 25, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in.
- CVE-2011-3885Oct 25, 2011risk 0.00cvss —epss 0.02
Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to stale Cascading Style Sheets (CSS) token-sequence data.
- CVE-2011-3252Oct 12, 2011risk 0.00cvss —epss 0.06
Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Advanced Audio Coding (AAC) stream.
- CVE-2011-3244Oct 12, 2011risk 0.00cvss —epss 0.03
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in…
- CVE-2011-3241Oct 12, 2011risk 0.00cvss —epss 0.02
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in…
- CVE-2011-3239Oct 12, 2011risk 0.00cvss —epss 0.02
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in…
- CVE-2011-3238Oct 12, 2011risk 0.00cvss —epss 0.03
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in…
- CVE-2011-3237Oct 12, 2011risk 0.00cvss —epss 0.03
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in…
- CVE-2011-3236Oct 12, 2011risk 0.00cvss —epss 0.03
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in…
Page 25 of 32