Vulnerabilities > CVE-2010-1768 - Local Privilege Escalation vulnerability in Apple iTunes Log File Insecure File Operation
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch.
Vulnerable Configurations
Nessus
NASL family MacOS X Local Security Checks NASL id MACOSX_ITUNES_9_1.NASL description The remote version of iTunes is older than 9.1. Such versions are potentially affected by multiple vulnerabilities : - An infinite loop in the application last seen 2020-06-01 modified 2020-06-02 plugin id 45389 published 2010-03-31 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/45389 title iTunes < 9.1 Multiple Vulnerabilities (Mac OS X) NASL family Peer-To-Peer File Sharing NASL id ITUNES_9_1_BANNER.NASL description The version of Apple iTunes on the remote host is prior to version 9.1. It is, therefore, affected by multiple vulnerabilities : - A buffer underflow in ImageIO last seen 2020-06-01 modified 2020-06-02 plugin id 45391 published 2010-03-31 reporter This script is Copyright (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/45391 title Apple iTunes < 9.1 Multiple Vulnerabilities (uncredentialed check)
Oval
accepted | 2015-06-22T04:00:50.025-04:00 | ||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||
description | Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch. | ||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||
id | oval:org.mitre.oval:def:7604 | ||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||
submitted | 2010-09-23T02:48:16 | ||||||||||||||||||||||||
title | Apple iTunes Log File Insecure File Operation Local Privilege Escalation Vulnerability | ||||||||||||||||||||||||
version | 14 |