CVE-2007-1008 - Unspecified vulnerability in Apple Itunes 7.0.2

Vulnerable Configurations

Part	Description	Count
Application	Apple Apple Itunes 7.0.2	1

Exploit-Db

description	Apple iTunes 7.0.2 XML Parsing Remote Denial of Service Vulnerability. CVE-2007-1008. Dos exploit for osx platform
id	EDB-ID:29616
last seen	2016-02-03
modified	2007-02-19
published	2007-02-19
reporter	poplix
source	https://www.exploit-db.com/download/29616/
title	Apple iTunes 7.0.2 XML Parsing Remote Denial of Service Vulnerability

Oval

accepted

2015-06-22T04:00:14.724-04:00

class

vulnerability

contributors

name Shane Shaffer
organization G2, Inc.
name Shane Shaffer
organization G2, Inc.
name Bernd Eggenmueller
organization baramundi software

definition_extensions

comment	Apple iTunes is installed
oval	oval:org.mitre.oval:def:12353

description

Apple iTunes 7.0.2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted XML list of radio stations, which results in memory corruption. NOTE: iTunes retrieves the XML document from a static URL, which requires an attacker to perform DNS spoofing or man-in-the-middle attacks for exploitation.

family

windows

id

oval:org.mitre.oval:def:16978

status

accepted

submitted

2013-07-30T11:32:03.685-04:00

title

Apple iTunes 7.0.2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted XML list of radio stations, which results in memory corruption. NOTE: iTunes retrieves the XML document from a static URL, which requires an attacker to perform DNS spoofing or man-in-the-middle attacks for exploitation

version

7

Vulnerabilities > CVE-2007-1008 - Unspecified vulnerability in Apple Itunes 7.0.2

Summary

Vulnerable Configurations

Exploit-Db

Oval

References