Apple Itunes vulnerabilities
953 known vulnerabilities affecting apple/itunes.
Total CVEs
953
CISA KEV
2
actively exploited
Public exploits
77
Exploited in wild
3
Severity breakdown
CRITICAL114HIGH486MEDIUM348LOW5
Vulnerabilities
Page 32 of 48
CVE-2013-1003CRITICALCVSS 9.3≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-1003 [CRITICAL] CWE-399 CVE-2013-1003: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1006CRITICALCVSS 9.3≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-1006 [CRITICAL] CWE-399 CVE-2013-1006: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1004CRITICALCVSS 9.3≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-1004 [CRITICAL] CWE-399 CVE-2013-1004: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1008CRITICALCVSS 9.3≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-1008 [CRITICAL] CWE-399 CVE-2013-1008: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1001CRITICALCVSS 9.3≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-1001 [CRITICAL] CWE-399 CVE-2013-1001: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1000CRITICALCVSS 9.3≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-1000 [CRITICAL] CWE-119 CVE-2013-1000: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1005CRITICALCVSS 9.3≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-1005 [CRITICAL] CWE-399 CVE-2013-1005: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-0999CRITICALCVSS 9.3≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-0999 [CRITICAL] CWE-119 CVE-2013-0999: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1007CRITICALCVSS 9.3≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-1007 [CRITICAL] CWE-399 CVE-2013-1007: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1002CRITICALCVSS 9.3≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-1002 [CRITICAL] CWE-399 CVE-2013-1002: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1010CRITICALCVSS 9.3≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-1010 [CRITICAL] CWE-399 CVE-2013-1010: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-0998MEDIUMCVSS 6.8≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-0998 [MEDIUM] CWE-399 CVE-2013-0998: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1011MEDIUMCVSS 6.8≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-1011 [MEDIUM] CWE-399 CVE-2013-1011: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-0992MEDIUMCVSS 6.8≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-0992 [MEDIUM] CWE-399 CVE-2013-0992: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-0994MEDIUMCVSS 6.8≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-0994 [MEDIUM] CWE-399 CVE-2013-0994: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-0995MEDIUMCVSS 6.8≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-0995 [MEDIUM] CWE-399 CVE-2013-0995: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-1014MEDIUMCVSS 4.3≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-1014 [MEDIUM] CWE-20 CVE-2013-1014: Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-midd
Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate.
nvd
CVE-2013-0991MEDIUMCVSS 6.8≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-0991 [MEDIUM] CWE-399 CVE-2013-0991: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-0997MEDIUMCVSS 6.8≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-0997 [MEDIUM] CWE-399 CVE-2013-0997: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd
CVE-2013-0993MEDIUMCVSS 6.8≤ 11.0.2v4.0.0+77 more2013-05-20
CVE-2013-0993 [MEDIUM] CWE-399 CVE-2013-0993: WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
nvd