Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:E0D39C7B1C18FF35DF30DD0DF296FF4E
HistoryJul 06, 2009 - 12:00 a.m.

Apple iTunes itms: URL buffer overflow

2009-07-0600:00:00
SAINT Corporation
download.saintcorporation.com
9

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.963

Percentile

99.6%

JSON

Added: 07/06/2009
CVE: CVE-2009-0950
BID: 35157
OSVDB: 54833

Background

iTunes is a free media player for multiple platforms.

Problem

A buffer overflow vulnerability allows command execution when a user opens a specially crafted **itms://** URL.

Resolution

Upgrade to iTunes 8.2 or higher.

References

<http://support.apple.com/kb/HT3592&gt;

Limitations

Exploit works on iTunes 8.1.1 and requires a user to open the exploit URL in iTunes.

Platforms

Windows XP

Related

cvelist 1
nvd 1
openvas 2
prion 1
metasploit 1
securityvulns 2
seebug 4
nessus 3
packetstorm 2
saint 3
exploitpack 3
checkpoint_advisories 1
cve 1
exploitdb 4
cvelist
cvelist
CVE-2009-0950
2009-06-02 18:00:00
nvd
nvd
CVE-2009-0950
2009-06-02 18:30:00
openvas
openvas
Apple iTunes 'itms:' URI Stack Buffer Overflow Vulnerability (HT3592)
2009-06-04 00:00:00
Apple iTunes 'itms:' URI Stack Buffer Overflow Vulnerability
2009-06-04 00:00:00
prion
prion
Stack overflow
2009-06-02 18:30:00
metasploit
metasploit
Apple OS X iTunes 8.1.1 ITMS Overflow
2009-06-05 02:30:24
securityvulns
securityvulns
TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities
2009-06-04 00:00:00
Apple iTunes multiple security vulnerabilities
2009-06-04 00:00:00
seebug
seebug
Apple iTunes 8.1.1 (ITMS) Multiple Protocol Handler BOF Exploit (meta)
2009-06-04 00:00:00
Apple iTunes itms: URIζ ˆζΊ’ε‡ΊζΌζ΄ž
2009-06-04 00:00:00
Apple iTunes 8.1.x - (daap) Buffer Overflow Remote Exploit
2014-07-01 00:00:00
nessus
nessus
Apple iTunes < 8.2 itms: URI Handling Overflow (credentialed check)
2009-06-02 00:00:00
iTunes < 8.2 itms: URL Stack Overflow (Mac OS X)
2009-06-02 00:00:00
Apple iTunes < 8.2 itms: URI Handling Overflow (uncredentialed check)
2009-06-02 00:00:00
packetstorm
packetstorm
Apple iTunes 8.1.1.10 Buffer Overflow Exploit
2009-06-12 00:00:00
Apple OS X iTunes 8.1.1 ITMS Overflow
2009-12-31 00:00:00
saint
saint
Apple iTunes itms: URL buffer overflow
2009-07-06 00:00:00
Apple iTunes itms: URL buffer overflow
2009-07-06 00:00:00
Apple iTunes itms: URL buffer overflow
2009-07-06 00:00:00
exploitpack
exploitpack
Apple iTunes 8.1.1.10 (Windows) - itmsitcp Remote Buffer Overflow
2009-06-12 00:00:00
Apple iTunes 8.1.x - daap Remote Buffer Overflow
2010-01-14 00:00:00
Apple iTunes 8.1.1 - ITMS Multiple Protocol Handler Buffer Overflow (Metasploit)
2009-06-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Apple iTunes Protocol Handler Stack Buffer Overflow (CVE-2009-0950)
2010-02-01 00:00:00
cve
cve
CVE-2009-0950
2009-06-02 18:30:00
exploitdb
exploitdb
Apple iTunes 8.1.1.10 (Windows) - &#039;itms/itcp&#039; Remote Buffer Overflow
2009-06-12 00:00:00
Apple iTunes 8.1.x - &#039;daap&#039; Remote Buffer Overflow
2010-01-14 00:00:00
Apple iTunes 8.1.1 - &#039;ITMS&#039; Multiple Protocol Handler Buffer Overflow (Metasploit)
2009-06-03 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.963

Percentile

99.6%

JSON
Related for SAINT:E0D39C7B1C18FF35DF30DD0DF296FF4E
cvelist1nvd1openvas2prion1metasploit1securityvulns2seebug4nessus3packetstorm2saint3exploitpack3checkpoint_advisories1cve1exploitdb4