{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-03-02T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-02-10T16:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"name": "ADV-2011-0845", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0845"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4564"}, {"name": "SUSE-SR:2011:009", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4565"}, {"name": "ADV-2011-0599", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0599"}, {"name": "SSA:2011-098-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820"}, {"name": "46658", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/46658"}, {"name": "APPLE-SA-2011-10-12-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"}, {"name": "43934", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43934"}, {"name": "FEDORA-2011-2498", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4566"}, {"name": "FEDORA-2011-3836", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"}, {"name": "ADV-2011-0621", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0621"}, {"name": "ADV-2011-0905", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0905"}, {"name": "DSA-2210", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2011/dsa-2210"}, {"name": "APPLE-SA-2011-03-21-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"}, {"name": "SUSE-SR:2011:005", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://blackberry.com/btsc/KB27244"}, {"name": "RHSA-2011:0318", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"}, {"name": "APPLE-SA-2011-03-02-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"}, {"name": "43664", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43664"}, {"name": "ADV-2011-0551", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0551"}, {"name": "GLSA-201209-02", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"}, {"name": "APPLE-SA-2011-03-09-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"}, {"name": "ADV-2011-0930", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0930"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4999"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"}, {"name": "1025153", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1025153"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT5001"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4554"}, {"name": "APPLE-SA-2011-03-09-2", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"}, {"name": "44135", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/44135"}, {"name": "ADV-2011-0960", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0960"}, {"name": "43585", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43585"}, {"name": "APPLE-SA-2011-03-09-3", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"}, {"name": "44117", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/44117"}, {"name": "APPLE-SA-2011-10-12-2", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"}, {"name": "MDVSA-2011:043", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"}, {"name": "43593", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43593"}, {"name": "FEDORA-2011-3827", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"}, {"name": "FEDORA-2011-2540", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"}, {"name": "50726", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/50726"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4581"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2011-0192", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2011-0845", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0845"}, {"name": "http://support.apple.com/kb/HT4564", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4564"}, {"name": "SUSE-SR:2011:009", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"}, {"name": "http://support.apple.com/kb/HT4565", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4565"}, {"name": "ADV-2011-0599", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0599"}, {"name": "SSA:2011-098-01", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820"}, {"name": "46658", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46658"}, {"name": "APPLE-SA-2011-10-12-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"}, {"name": "43934", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43934"}, {"name": "FEDORA-2011-2498", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"}, {"name": "http://support.apple.com/kb/HT4566", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4566"}, {"name": "FEDORA-2011-3836", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"}, {"name": "ADV-2011-0621", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0621"}, {"name": "ADV-2011-0905", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0905"}, {"name": "DSA-2210", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2011/dsa-2210"}, {"name": "APPLE-SA-2011-03-21-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"}, {"name": "SUSE-SR:2011:005", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"}, {"name": "http://blackberry.com/btsc/KB27244", "refsource": "CONFIRM", "url": "http://blackberry.com/btsc/KB27244"}, {"name": "RHSA-2011:0318", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"}, {"name": "APPLE-SA-2011-03-02-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"}, {"name": "43664", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43664"}, {"name": "ADV-2011-0551", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0551"}, {"name": "GLSA-201209-02", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"}, {"name": "APPLE-SA-2011-03-09-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"}, {"name": "ADV-2011-0930", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0930"}, {"name": "http://support.apple.com/kb/HT4999", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4999"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=678635", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"}, {"name": "1025153", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1025153"}, {"name": "http://support.apple.com/kb/HT5001", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT5001"}, {"name": "http://support.apple.com/kb/HT4554", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4554"}, {"name": "APPLE-SA-2011-03-09-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"}, {"name": "44135", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/44135"}, {"name": "ADV-2011-0960", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0960"}, {"name": "43585", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43585"}, {"name": "APPLE-SA-2011-03-09-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"}, {"name": "44117", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/44117"}, {"name": "APPLE-SA-2011-10-12-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"}, {"name": "MDVSA-2011:043", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"}, {"name": "43593", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43593"}, {"name": "FEDORA-2011-3827", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"}, {"name": "FEDORA-2011-2540", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"}, {"name": "50726", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/50726"}, {"name": "http://support.apple.com/kb/HT4581", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4581"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T21:43:15.366Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2011-0845", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0845"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT4564"}, {"name": "SUSE-SR:2011:009", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT4565"}, {"name": "ADV-2011-0599", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0599"}, {"name": "SSA:2011-098-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE", "x_transferred"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820"}, {"name": "46658", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/46658"}, {"name": "APPLE-SA-2011-10-12-1", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"}, {"name": "43934", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43934"}, {"name": "FEDORA-2011-2498", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT4566"}, {"name": "FEDORA-2011-3836", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"}, {"name": "ADV-2011-0621", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0621"}, {"name": "ADV-2011-0905", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0905"}, {"name": "DSA-2210", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2011/dsa-2210"}, {"name": "APPLE-SA-2011-03-21-1", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"}, {"name": "SUSE-SR:2011:005", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://blackberry.com/btsc/KB27244"}, {"name": "RHSA-2011:0318", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"}, {"name": "APPLE-SA-2011-03-02-1", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"}, {"name": "43664", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43664"}, {"name": "ADV-2011-0551", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0551"}, {"name": "GLSA-201209-02", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"}, {"name": "APPLE-SA-2011-03-09-1", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"}, {"name": "ADV-2011-0930", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0930"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT4999"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"}, {"name": "1025153", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1025153"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT5001"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT4554"}, {"name": "APPLE-SA-2011-03-09-2", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"}, {"name": "44135", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/44135"}, {"name": "ADV-2011-0960", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0960"}, {"name": "43585", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43585"}, {"name": "APPLE-SA-2011-03-09-3", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"}, {"name": "44117", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/44117"}, {"name": "APPLE-SA-2011-10-12-2", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"}, {"name": "MDVSA-2011:043", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"}, {"name": "43593", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43593"}, {"name": "FEDORA-2011-3827", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"}, {"name": "FEDORA-2011-2540", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"}, {"name": "50726", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/50726"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT4581"}]}]}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2011-0192", "datePublished": "2011-03-03T19:00:00", "dateReserved": "2010-12-23T00:00:00", "dateUpdated": "2024-08-06T21:43:15.366Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "matchCriteriaId": "E40F7857-8F3F-4707-B3AA-A12C0731BB83", "versionEndIncluding": "10.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5CBD58D1-C40D-4F6D-816F-A3842897EB05", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C910CA4-5EA5-4507-BDE9-3E6C1434B666", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0415D4B8-0281-4ED5-B3A1-A97BDD0F8D36", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B1B4195D-1550-42D1-B562-0E438F7ACC2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "C4B6A66A-AC5F-48E0-ABCE-68828207B106", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1206A192-A22C-4C55-A323-1D28D89BED21", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "071BFB1F-402B-4D8C-8155-671792AEDB81", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "52E156DE-12B4-4E7A-B8C4-C2FC0AC2B2C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.7:*:*:*:*:*:*:*", "matchCriteriaId": "DCBA60E9-C5B5-4B4C-9FA3-7FE0F3F6871C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "93748DFC-6003-4BED-87F9-98713F6897EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFB9D7E1-B715-4A93-9CDB-99A89C7D85B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "2A8873F1-4792-41A1-83B5-B85C9F4A7D56", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB84AFE4-2694-475A-80D3-4D50C524EE18", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB20AA2E-5DF0-420C-A1FE-BB6EBA9649FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B48FDD0A-6DE5-44DD-B144-32B91DB26C7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8343D87F-FA37-4225-B27D-BCCDD2433C31", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B591AE1E-02DB-462A-B71F-48947525D232", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "34B5892B-0377-4D81-9E0E-94B8D8CE72C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2276BED4-82F0-4F62-AA6F-7E1667F28E3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "45D47548-1C4D-4368-99D1-929905DD6B3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "28AE8D2D-63CA-4091-9D59-CE919EB1FD75", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "EC9E22D2-551A-4CDF-B9F0-C45A3A2B7695", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "52A433A5-3EFF-405D-8285-97EC88857968", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "D62A1C5D-C25E-4E56-8FD0-F90C8E39C7F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "582D1FE8-C4E8-4385-B4EB-34320F019E43", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "AF61CE34-5130-4B1A-B7A2-B28C1A18B9BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "6FEE6DEC-9B26-47F4-A2CF-CA49981C8864", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2223B8E2-346A-4C37-9F6C-879F9CA64C06", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "93E5227C-0621-43EE-A0F2-4B4545D71852", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB69B123-7A09-4855-9846-E8ACACB3C6F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0CC53F2-3827-4CA3-8726-C481B57B4AB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C1AFF8F-BBCA-4C93-A401-F8B478327BFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0BA3571F-9221-45CD-9798-CC72CA428D6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "129ABCA4-FBF6-41B8-BF6B-65467D56D297", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "017E5A35-D778-46FD-A536-E57A13162675", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6122C685-4F02-476F-9A41-9C62D3D92651", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "17D37426-00A0-40E5-A27A-CF31D8CBAEEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "3E11CADC-AFCC-4A98-9271-C35BC9752B40", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "11F1530E-9E63-4A39-9056-3A946A34B650", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "3856A348-A0D6-4A0A-A8C9-D369CC863A97", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "29E92D8D-68AB-4FC4-A37A-D6D48829B58D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "670656BF-2BE2-41ED-854A-466DC4068FBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FDE7F79F-54F5-4315-98BD-414CA2D1C51E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DBBF2E9F-0F37-4DDA-9704-B31D94745257", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "BBA5AB05-ADF6-4B5D-A4FD-9C149EC4577F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "1143A4DE-F75B-4396-9D01-CE14EF8FCB39", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "BDF87AB4-B3F3-4774-8CE3-A2B46C3D8DC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:8.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A02D076B-5900-401D-9B47-5136B9CEAA15", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7E479501-8832-41B0-A63C-360AE5A1B420", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:8.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F8961EDA-B567-4D92-8DBC-F887712F3BD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "A60A3349-DE6E-4381-81C0-E682B791ED61", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:8.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "6EF2759C-6F94-4769-8EB2-16947C05CBB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "B0F53FF4-8A15-475C-9FF6-54073A3F1B08", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:8.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "80AFD7E5-A66F-4E43-BC34-EB6BF59186D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:9.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E41B2E2A-CE22-49FD-9558-0E6C87F53425", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:9.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A1950796-DA96-4443-85F4-91FE38A26612", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:9.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E5EBED9A-DCF4-47FE-9A6D-4573594AA645", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:9.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "3F7EA3F3-576C-4661-B35F-EC34CE363125", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C3A6055-2626-4A6E-9596-9974E7437FB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:9.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "00AF4F28-A71C-4CB3-8F5F-C15500332954", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B5817849-ADD0-4905-87D5-4D61DB635747", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "96E90253-3F7D-4361-819B-5D49657F4472", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "84336EBA-5EC0-4C49-B1B9-9DAB23D5C3C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:10.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4CDE68E5-744B-4E18-BB74-83D7185E6A57", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en LibTIFF en ImageIO en iTunes de Apple antesrior a v10.2 en Windows permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o causar una denegaci\u00f3n de servicio (solicitud de bloqueo) a trav\u00e9s de una imagen TIFF manipulada con CCITT Grupo 4 de codificaci\u00f3n."}], "id": "CVE-2011-0192", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2011-03-03T20:00:02.643", "references": [{"source": "product-security@apple.com", "url": "http://blackberry.com/btsc/KB27244"}, {"source": "product-security@apple.com", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"}, {"source": "product-security@apple.com", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"}, {"source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"}, {"source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"}, {"source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"}, {"source": "product-security@apple.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"}, {"source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"}, {"source": "product-security@apple.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"}, {"source": "product-security@apple.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"}, {"source": "product-security@apple.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"}, {"source": "product-security@apple.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"}, {"source": "product-security@apple.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"}, {"source": "product-security@apple.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"}, {"source": "product-security@apple.com", "url": "http://secunia.com/advisories/43585"}, {"source": "product-security@apple.com", "url": "http://secunia.com/advisories/43593"}, {"source": "product-security@apple.com", "url": "http://secunia.com/advisories/43664"}, {"source": "product-security@apple.com", "url": "http://secunia.com/advisories/43934"}, {"source": "product-security@apple.com", "url": "http://secunia.com/advisories/44117"}, {"source": "product-security@apple.com", "url": "http://secunia.com/advisories/44135"}, {"source": "product-security@apple.com", "url": "http://secunia.com/advisories/50726"}, {"source": "product-security@apple.com", "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"}, {"source": "product-security@apple.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://support.apple.com/kb/HT4554"}, {"source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4564"}, {"source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4565"}, {"source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4566"}, {"source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4581"}, {"source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4999"}, {"source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT5001"}, {"source": "product-security@apple.com", "url": "http://www.debian.org/security/2011/dsa-2210"}, {"source": "product-security@apple.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"}, {"source": "product-security@apple.com", "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"}, {"source": "product-security@apple.com", "url": "http://www.securityfocus.com/bid/46658"}, {"source": "product-security@apple.com", "url": "http://www.securitytracker.com/id?1025153"}, {"source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0551"}, {"source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0599"}, {"source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0621"}, {"source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0845"}, {"source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0905"}, {"source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0930"}, {"source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0960"}, {"source": "product-security@apple.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://blackberry.com/btsc/KB27244"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43585"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43593"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43664"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43934"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/44117"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/44135"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/50726"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://support.apple.com/kb/HT4554"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4564"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4565"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4566"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4581"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4999"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5001"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2011/dsa-2210"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/46658"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1025153"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0551"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0599"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0621"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0845"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0905"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0930"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0960"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Apple Product Security for reporting this issue.", "affected_release": [{"advisory": "RHSA-2011:0318", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "libtiff-0:3.6.1-17.el4", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2011-03-03T00:00:00Z"}, {"advisory": "RHSA-2011:0318", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "libtiff-0:3.8.2-7.el5_6.6", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2011-03-03T00:00:00Z"}, {"advisory": "RHSA-2011:0318", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "libtiff-0:3.9.4-1.el6_0.1", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2011-03-03T00:00:00Z"}], "bugzilla": {"description": "libtiff: buffer overflow in Fax4Decode", "id": "678635", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information."], "name": "CVE-2011-0192", "public_date": "2011-03-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-0192\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-0192"], "threat_severity": "Important"}