Lucene search
Copyright (C) 2011 Greenbone AGOPENVAS:1361412562310902718HistoryAug 26, 2011 - 12:00 a.m.
Apple iTunes Multiple Vulnerabilities - Mac OS X
2011-08-2600:00:00
Copyright (C) 2011 Greenbone AG
plugins.openvas.org
15
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
Low
0.664 Medium
EPSS
Percentile
98.0%
This host has installed apple iTunes and is prone to multiple
vulnerabilities.
# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/a:apple:itunes";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.902718");
script_version("2024-02-15T05:05:39+0000");
script_tag(name:"last_modification", value:"2024-02-15 05:05:39 +0000 (Thu, 15 Feb 2024)");
script_tag(name:"creation_date", value:"2011-08-26 14:59:42 +0200 (Fri, 26 Aug 2011)");
script_cve_id("CVE-2010-1205", "CVE-2010-2249", "CVE-2011-0170");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2020-08-14 15:50:00 +0000 (Fri, 14 Aug 2020)");
script_name("Apple iTunes Multiple Vulnerabilities - Mac OS X");
script_xref(name:"URL", value:"http://support.apple.com/kb/HT4554");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/41174");
script_xref(name:"URL", value:"http://securitytracker.com/id/1025152");
script_xref(name:"URL", value:"http://lists.apple.com/archives/security-announce//2011//Mar/msg00000.html");
script_copyright("Copyright (C) 2011 Greenbone AG");
script_category(ACT_GATHER_INFO);
script_family("Mac OS X Local Security Checks");
script_dependencies("secpod_itunes_detect_macosx.nasl");
script_mandatory_keys("Apple/iTunes/MacOSX/Version");
script_tag(name:"impact", value:"Successful exploitation could allow attackers to execute arbitrary code on
the target user's system.");
script_tag(name:"affected", value:"Apple iTunes version prior to 10.2 on Mac OS X version 10.5.");
script_tag(name:"insight", value:"The flaws are due to the error while handling the crafted files.");
script_tag(name:"solution", value:"Upgrade to Apple iTunes version 10.2 or later.");
script_tag(name:"summary", value:"This host has installed apple iTunes and is prone to multiple
vulnerabilities.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
osVer = get_kb_item("ssh/login/osx_version");
if(!osVer || osVer !~ "^10.5\.")
exit(0);
if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
exit(0);
vers = infos["version"];
path = infos["location"];
if(version_is_less(version:vers, test_version:"10.2")) {
report = report_fixed_ver(installed_version:vers, fixed_version:"10.2", install_path:path);
security_message(port:0, data:report);
exit(0);
}
exit(99);
Related
openvas
openvas
Apple iTunes Multiple Vulnerabilities (Mac OS X)
2011-08-26 00:00:00
Fedora Update for libpng10 FEDORA-2010-10823
2010-07-23 00:00:00
Fedora Update for mingw32-libpng FEDORA-2010-10776
2010-07-30 00:00:00
slackware
slackware
[slackware-security] libpng
2010-06-30 06:39:45
ubuntu
ubuntu
libpng vulnerabilities
2010-07-08 00:00:00
Thunderbird vulnerabilities
2010-07-26 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: libpng10-1.0.54-1.fc13
2010-07-20 22:32:04
[SECURITY] Fedora 13 Update: libpng-1.2.44-1.fc13
2010-07-01 18:36:39
[SECURITY] Fedora 13 Update: mingw32-libpng-1.2.44-1.fc13
2010-07-27 02:50:02
nessus
nessus
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : libpng vulnerabilities (USN-960-1)
2010-07-09 00:00:00
Fedora 12 : libpng-1.2.44-1.fc12 (2010-10592)
2010-07-06 00:00:00
SuSE9 Security Update : libpng (YOU Patch Number 12642)
2010-09-12 00:00:00
debian
debian
[SECURITY] [DSA 2072-1] New libpng packages fix several vulnerabilities
2010-07-19 12:27:24
[SECURITY] [DSA 2072-1] New libpng packages fix several vulnerabilities
2010-07-19 12:27:24
[SECURITY] [DSA 2075-1] New xulrunner packages fix several vulnerabilities
2010-07-27 19:47:37
securityvulns
securityvulns
libpng multiple security vulnerabilities
2010-07-11 00:00:00
[USN-960-1] libpng vulnerabilities
2010-07-11 00:00:00
osv
osv
libpng - several vulnerabilities
2010-07-19 00:00:00
xulrunner - several vulnerabilities
2010-07-27 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package libpng version 1.2.44-alt1
2010-06-29 00:00:00
Security fix for the ALT Linux 6 package libpng version 1.2.44-alt1
2010-06-29 00:00:00
gentoo
gentoo
Libpng: Multiple vulnerabilities
2010-10-05 00:00:00
redhat
redhat
(RHSA-2010:0534) Important: libpng security update
2010-07-14 00:00:00
(RHSA-2010:0546) Critical: seamonkey security update
2010-07-20 00:00:00
(RHSA-2010:0545) Critical: thunderbird security update
2010-07-20 00:00:00
oraclelinux
oraclelinux
libpng security update
2010-07-14 00:00:00
seamonkey security update
2010-07-21 00:00:00
centos
centos
libpng, libpng10 security update
2010-07-14 22:40:18
seamonkey security update
2010-08-16 21:36:58
thunderbird security update
2010-07-22 14:50:56
cve
cve
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:43:56
Arbitrary Code Execution
2020-04-10 00:43:55
debiancve
debiancve
CVE-2010-2249
2010-06-30 18:30:01
CVE-2010-1205
2010-06-30 18:30:01
cvelist
cvelist
nvd
nvd
ubuntucve
ubuntucve
CVE-2010-2249
2010-06-30 00:00:00
CVE-2010-1205
2010-06-30 00:00:00
prion
prion
Heap overflow
2011-03-03 20:00:00
Memory corruption
2010-06-30 18:30:00
Buffer overflow
2010-06-30 18:30:00
cert
cert
libpng fails to limit number of rows in header
2010-07-02 00:00:00
packetstorm
packetstorm
libpng 1.4.2 Denial Of Service
2010-07-21 00:00:00
freebsd
freebsd
png -- libpng decompression buffer overflow
2010-03-30 00:00:00
mozilla -- multiple vulnerabilities
2010-07-20 00:00:00
seebug
seebug
libpng <= 1.4.2 - Denial of Service Vulnerability
2014-07-01 00:00:00
checkpoint_advisories
checkpoint_advisories
Incorrect libpng Usage Heap Overflow- Ver2 (CVE-2010-1205)
2015-05-18 00:00:00
mozilla
mozilla
Remote code execution using malformed PNG image — Mozilla
2010-07-20 00:00:00
exploitpack
exploitpack
libpng 1.4.2 - Denial of Service
2010-07-20 00:00:00
vmware
vmware
VMware Workstation, Player, and ACE address several security issues.
2010-09-23 00:00:00
VMware Workstation, Player, and ACE address several security issues.
2010-09-23 00:00:00
kaspersky
kaspersky
KLA10386 Multiple vulnerabilities in VMware
2010-09-23 00:00:00
exploitdb
exploitdb
libpng 1.4.2 - Denial of Service
2010-07-20 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
Low
0.664 Medium
EPSS
Percentile
98.0%
Related for OPENVAS:1361412562310902718