Lucene search

[email protected]CVE-2011-0191

HistoryMar 03, 2011 - 8:00 p.m.

CVE-2011-0191

2011-03-0320:00:02

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-0191

buffer overflow

libtiff

imageio

apple itunes

remote code execution

denial of service

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.037 Low

EPSS

Percentile

91.8%

JSON

Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding.

Affected configurations

NVD

Node

appleitunesRange≤10.1.2

appleitunesMatch4.0.0

appleitunesMatch4.0.1

appleitunesMatch4.1.0

appleitunesMatch4.2.0

appleitunesMatch4.5

appleitunesMatch4.5.0

appleitunesMatch4.6

appleitunesMatch4.6.0

appleitunesMatch4.7

appleitunesMatch4.7.0

appleitunesMatch4.7.1

appleitunesMatch4.7.2

appleitunesMatch4.8.0

appleitunesMatch4.9.0

appleitunesMatch5.0

appleitunesMatch5.0.0

appleitunesMatch5.0.1

appleitunesMatch6.0.0

appleitunesMatch6.0.1

appleitunesMatch6.0.2

appleitunesMatch6.0.3

appleitunesMatch6.0.4

appleitunesMatch6.0.4.2

appleitunesMatch6.0.5

appleitunesMatch7.0.0

appleitunesMatch7.0.1

appleitunesMatch7.0.2

appleitunesMatch7.1.0

appleitunesMatch7.1.1

appleitunesMatch7.2.0

appleitunesMatch7.3.0

appleitunesMatch7.3.1

appleitunesMatch7.3.2

appleitunesMatch7.4

appleitunesMatch7.4.0

appleitunesMatch7.4.1

appleitunesMatch7.4.2

appleitunesMatch7.4.3

appleitunesMatch7.5

appleitunesMatch7.5.0

appleitunesMatch7.6

appleitunesMatch7.6.0

appleitunesMatch7.6.1

appleitunesMatch7.6.2

appleitunesMatch7.7

appleitunesMatch7.7.0

appleitunesMatch7.7.1

appleitunesMatch8.0.0

appleitunesMatch8.0.1

appleitunesMatch8.0.2

appleitunesMatch8.1

appleitunesMatch8.1.1

appleitunesMatch8.2

appleitunesMatch8.2.1

appleitunesMatch9.0.0

appleitunesMatch9.0.1

appleitunesMatch9.0.2

appleitunesMatch9.0.3

appleitunesMatch9.2

appleitunesMatch9.2.1

appleitunesMatch10.0

appleitunesMatch10.0.1

appleitunesMatch10.1

appleitunesMatch10.1.1

AND

microsoftwindows

microsoftwindows_7

microsoftwindows_vista

microsoftwindows_vistasp1

microsoftwindows_vistasp2

microsoftwindows_xpsp2

microsoftwindows_xpsp3

CPENameOperatorVersion
apple:itunesapple itunesle10.1.2
apple:itunesapple ituneseq4.0.0
apple:itunesapple ituneseq4.0.1
apple:itunesapple ituneseq4.1.0
apple:itunesapple ituneseq4.2.0
apple:itunesapple ituneseq4.5
apple:itunesapple ituneseq4.5.0
apple:itunesapple ituneseq4.6
apple:itunesapple ituneseq4.6.0
apple:itunesapple ituneseq4.7

CPE	Name	Operator	Version
apple:itunes	apple itunes	le	10.1.2
apple:itunes	apple itunes	eq	4.0.0
apple:itunes	apple itunes	eq	4.0.1
apple:itunes	apple itunes	eq	4.1.0
apple:itunes	apple itunes	eq	4.2.0
apple:itunes	apple itunes	eq	4.5
apple:itunes	apple itunes	eq	4.5.0
apple:itunes	apple itunes	eq	4.6
apple:itunes	apple itunes	eq	4.6.0
apple:itunes	apple itunes	eq	4.7