Lucene search
HistoryAug 20, 2010 - 8:00 p.m.
CVE-2010-1795
cve-2010-1795
itunes
windows
vulnerability
privilege escalation
nvd
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6.4 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
75.2%
Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory.
Affected configurations
Node
appleitunesMatch1.0-windows
ORappleitunesMatch1.1.1-windows
ORappleitunesMatch1.1.2-windows
ORappleitunesMatch2.0.0-windows
ORappleitunesMatch2.0.1-windows
ORappleitunesMatch2.0.2-windows
ORappleitunesMatch2.0.3-windows
ORappleitunesMatch2.0.4-windows
ORappleitunesMatch3.0.0-windows
ORappleitunesMatch3.0.1-windows
ORappleitunesMatch4.0.0-windows
ORappleitunesMatch4.0.1-windows
ORappleitunesMatch4.1.0-windows
ORappleitunesMatch4.2.0-windows
ORappleitunesMatch4.5.0-windows
ORappleitunesMatch4.6.0-windows
ORappleitunesMatch4.7.0-windows
ORappleitunesMatch4.7.1-windows
ORappleitunesMatch4.8.0-windows
ORappleitunesMatch4.9.0-windows
ORappleitunesMatch5.0.0-windows
ORappleitunesMatch5.0.1-windows
ORappleitunesMatch6.0.0-windows
ORappleitunesMatch6.0.1-windows
ORappleitunesMatch6.0.2-windows
ORappleitunesMatch6.0.3-windows
ORappleitunesMatch6.0.4-windows
ORappleitunesMatch6.0.4.2-windows
ORappleitunesMatch6.0.5-windows
ORappleitunesMatch7.0.0-windows
ORappleitunesMatch7.0.1-windows
ORappleitunesMatch7.0.2-windows
ORappleitunesMatch7.1.0-windows
ORappleitunesMatch7.1.1-windows
ORappleitunesMatch7.2.0-windows
ORappleitunesMatch7.3.0-windows
ORappleitunesMatch7.3.1-windows
ORappleitunesMatch7.3.2-windows
ORappleitunesMatch7.4.0-windows
ORappleitunesMatch7.4.1-windows
ORappleitunesMatch7.4.2-windows
ORappleitunesMatch7.4.3-windows
ORappleitunesMatch7.5.0-windows
ORappleitunesMatch7.6.0-windows
ORappleitunesMatch7.6.1-windows
ORappleitunesMatch7.6.2-windows
ORappleitunesMatch7.7.0-windows
ORappleitunesMatch7.7.1-windows
ORappleitunesMatch8.0-windows
ORappleitunesMatch8.0.1-windows
ORappleitunesMatch8.0.2-windows
ORappleitunesMatch8.1-windows
ORappleitunesMatch8.1.1-windows
ORappleitunesMatch8.2-windows
ORappleitunesMatch8.2.1-windows
ORappleitunesMatch9.0.0-windows
ORappleitunesMatch9.0.1-windows
ORappleitunesMatch9.0.2-windows
ORappleitunesMatch9.0.3-windows
References
Related
nvd
nvd
CVE-2010-1795
2010-08-20 20:00:02
prion
prion
Design/Logic Flaw
2010-08-20 20:00:00
cvelist
cvelist
CVE-2010-1795
2010-08-20 19:00:00
cert
cert
Microsoft Windows based applications may insecurely load dynamic libraries
2010-08-25 00:00:00
nessus
nessus
Apple iTunes < 9.1 Multiple Vulnerabilities (credentialed check)
2010-03-31 00:00:00
Apple iTunes < 9.1 Multiple Vulnerabilities (uncredentialed check)
2010-03-31 00:00:00
iTunes < 9.1 Multiple Vulnerabilities
2010-03-31 00:00:00
securityvulns
securityvulns
Apple iTunes multiple security uvlnerabilities
2010-08-19 00:00:00
About the security content of iTunes 9.1
2010-08-19 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6.4 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
75.2%
Related for CVE-2010-1795