Filtered by vendor Apple Subscriptions
Filtered by product Itunes Subscriptions
Total 922 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2011-0120 2 Apple, Microsoft 6 Itunes, Webkit, Windows and 3 more 2024-11-21 N/A
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2011-0119 2 Apple, Microsoft 6 Itunes, Webkit, Windows and 3 more 2024-11-21 N/A
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2011-0118 2 Apple, Microsoft 6 Itunes, Webkit, Windows and 3 more 2024-11-21 N/A
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2011-0117 2 Apple, Microsoft 6 Itunes, Webkit, Windows and 3 more 2024-11-21 N/A
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2011-0116 2 Apple, Microsoft 6 Itunes, Webkit, Windows and 3 more 2024-11-21 N/A
Use-after-free vulnerability in the setOuterText method in the htmlelement library in WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to DOM manipulations during iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2011-0115 2 Apple, Microsoft 7 Itunes, Safari, Webkit and 4 more 2024-11-21 N/A
The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2011-0114 2 Apple, Microsoft 6 Itunes, Webkit, Windows and 3 more 2024-11-21 N/A
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2011-0113 2 Apple, Microsoft 6 Itunes, Webkit, Windows and 3 more 2024-11-21 N/A
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2011-0112 2 Apple, Microsoft 6 Itunes, Webkit, Windows and 3 more 2024-11-21 N/A
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2011-0111 2 Apple, Microsoft 6 Itunes, Webkit, Windows and 3 more 2024-11-21 N/A
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
CVE-2010-4494 10 Apache, Apple, Debian and 7 more 18 Openoffice, Iphone Os, Itunes and 15 more 2024-11-21 N/A
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
CVE-2010-4008 9 Apache, Apple, Canonical and 6 more 16 Openoffice, Iphone Os, Itunes and 13 more 2024-11-21 N/A
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.
CVE-2010-3190 2 Apple, Microsoft 4 Itunes, Visual C\+\+, Visual Studio and 1 more 2024-11-21 N/A
Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010; and Exchange Server 2010 Service Pack 3, 2013, and 2013 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory during execution of an MFC application such as AtlTraceTool8.exe (aka ATL MFC Trace Tool), as demonstrated by a directory that contains a TRC, cur, rs, rct, or res file, aka "MFC Insecure Library Loading Vulnerability."
CVE-2010-2249 9 Apple, Canonical, Debian and 6 more 13 Iphone Os, Itunes, Safari and 10 more 2024-11-21 6.5 Medium
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.
CVE-2010-1824 2 Apple, Google 2 Itunes, Chrome 2024-11-21 N/A
Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages.
CVE-2010-1823 2 Apple, Google 3 Itunes, Safari, Chrome 2024-11-21 N/A
Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger use of document APIs such as document.close during parsing, as demonstrated by a Cascading Style Sheets (CSS) file referencing an invalid SVG font, aka rdar problem 8442098.
CVE-2010-1795 1 Apple 1 Itunes 2024-11-21 N/A
Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory.
CVE-2010-1777 2 Apple, Microsoft 5 Itunes, Mac Os X, Windows 7 and 2 more 2024-11-21 N/A
Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted itpc: URL.
CVE-2010-1769 2 Apple, Microsoft 4 Itunes, Windows 7, Windows Vista and 1 more 2024-11-21 N/A
WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a different vulnerability than CVE-2010-1387 and CVE-2010-1763.
CVE-2010-1768 1 Apple 1 Itunes 2024-11-21 N/A
Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch.