Vulnerabilities > Apple > Itunes > 8.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-08-20 | CVE-2010-1795 | DLL Loading Arbitrary Code Execution vulnerability in Apple iTunes Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory. | 9.3 |
| 2010-06-18 | CVE-2010-1769 | Multiple vulnerability in RETIRED: Apple iPhone/iPod touch Prior to iOS 4 WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a different vulnerability than CVE-2010-1387 and CVE-2010-1763. | 10.0 |
| 2010-06-18 | CVE-2010-1763 | Unspecified vulnerability in Apple Itunes Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1387 and CVE-2010-1769. | 10.0 |
| 2009-09-24 | CVE-2009-2817 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Itunes Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file. | 9.3 |
| 2009-06-02 | CVE-2009-0950 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Itunes Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon. | 9.3 |
| 2008-09-18 | CVE-2008-4116 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Itunes and Quicktime Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_stack_cookie function and an off-by-one error that leads to a heap-based buffer overflow. | 9.3 |