Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information.
Max CVSS
2.6
EPSS Score
0.21%
Published
2008-09-11
Updated
2008-09-11
Apple iTunes 7.0.2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted XML list of radio stations, which results in memory corruption. NOTE: iTunes retrieves the XML document from a static URL, which requires an attacker to perform DNS spoofing or man-in-the-middle attacks for exploitation.
Max CVSS
2.6
EPSS Score
1.87%
Published
2007-02-20
Updated
2018-10-16
2 vulnerabilities found