Lucene search

[email protected]CVE-2005-0043

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0043

2005-05-0204:00:00

[email protected]

web.nvd.nist.gov

cve-2005-0043

buffer overflow

apple itunes 4.7

remote code execution

url

.m3u

.pls

playlist files

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.186 Low

EPSS

Percentile

96.3%

JSON

Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute arbitrary code via a long URL in (1) .m3u or (2) .pls playlist files.

Affected configurations

NVD

Node

appleitunesMatch4.7

CPENameOperatorVersion
apple:itunesapple ituneseq4.7

CPE	Name	Operator	Version
apple:itunes	apple itunes	eq	4.7

References

lists.apple.com/archives/security-announce/2005/Jan/msg00000.html

secunia.com/advisories/13804

securitytracker.com/id?1012839

www.idefense.com/application/poi/display?id=180&type=vulnerabilities

www.kb.cert.org/vuls/id/377368

www.osvdb.org/12833

www.securityfocus.com/bid/12238

exchange.xforce.ibmcloud.com/vulnerabilities/18851

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.186 Low

EPSS

Percentile

96.3%

JSON

Related for CVE-2005-0043

packetstorm1 nessus1 cvelist1 cert1 securityvulns2 checkpoint_advisories1 nvd1