Vulnerabilities > Apple > Itunes > 10.5.1

DATE CVE VULNERABILITY TITLE RISK
2013-09-19 CVE-2013-1037 Buffer Errors vulnerability in Apple Iphone OS, Itunes and Safari
WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2.
network
apple CWE-119
6.8
2013-09-19 CVE-2013-1035 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Itunes
The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
network
apple CWE-119
critical
9.3
2013-09-19 CVE-2011-2391 Improper Input Validation vulnerability in Apple Iphone OS, Itunes and mac OS X
The IPv6 implementation in the kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (CPU consumption) via crafted ICMPv6 packets.
low complexity
apple CWE-20
6.1
2013-05-20 CVE-2013-1014 Improper Input Validation vulnerability in Apple Itunes
Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate.
4.3
2013-05-20 CVE-2013-1011 Resource Management Errors vulnerability in Apple Itunes
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
6.8
2013-05-20 CVE-2013-1010 Resource Management Errors vulnerability in Apple Iphone OS and Itunes
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
network
apple microsoft CWE-399
critical
9.3
2013-05-20 CVE-2013-1008 Resource Management Errors vulnerability in Apple Iphone OS and Itunes
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
network
apple microsoft CWE-399
critical
9.3
2013-05-20 CVE-2013-1007 Resource Management Errors vulnerability in Apple Iphone OS and Itunes
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
network
apple microsoft CWE-399
critical
9.3
2013-05-20 CVE-2013-1006 Resource Management Errors vulnerability in Apple Iphone OS and Itunes
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
network
apple microsoft CWE-399
critical
9.3
2013-05-20 CVE-2013-1005 Resource Management Errors vulnerability in Apple Iphone OS and Itunes
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
network
apple microsoft CWE-399
critical
9.3