Apple Itunes vulnerabilities
953 known vulnerabilities affecting apple/itunes.
Total CVEs
953
CISA KEV
2
actively exploited
Public exploits
77
Exploited in wild
3
Severity breakdown
CRITICAL114HIGH486MEDIUM348LOW5
Vulnerabilities
Page 41 of 48
CVE-2011-2815HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-2815 [HIGH] CWE-119 CVE-2011-2815: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-3237HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-3237 [HIGH] CWE-119 CVE-2011-3237: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-2354HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-2354 [HIGH] CWE-119 CVE-2011-2354: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-2814HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-2814 [HIGH] CWE-119 CVE-2011-2814: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-0259HIGHCVSS 7.6≤ 10.4.1v4.0.0+68 more2011-10-12
CVE-2011-0259 [HIGH] CWE-119 CVE-2011-0259: CoreFoundation, as used in Apple iTunes before 10.5, does not properly perform string tokenization,
CoreFoundation, as used in Apple iTunes before 10.5, does not properly perform string tokenization, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
nvd
CVE-2011-2341HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-2341 [HIGH] CWE-119 CVE-2011-2341: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-2809HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-2809 [HIGH] CWE-119 CVE-2011-2809: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-3236HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-3236 [HIGH] CWE-119 CVE-2011-3236: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-2352HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-2352 [HIGH] CWE-119 CVE-2011-2352: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-3241HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-3241 [HIGH] CWE-119 CVE-2011-3241: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-3235HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-3235 [HIGH] CWE-119 CVE-2011-3235: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-2816HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-2816 [HIGH] CWE-119 CVE-2011-2816: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-2817HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-2817 [HIGH] CWE-119 CVE-2011-2817: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-2356HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-2356 [HIGH] CWE-119 CVE-2011-2356: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-2820HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-2820 [HIGH] CWE-119 CVE-2011-2820: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-3244HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-3244 [HIGH] CWE-119 CVE-2011-3244: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-2339HIGHCVSS 7.6≤ 10.4.1v4.0.0+68 more2011-10-12
CVE-2011-2339 [HIGH] CWE-119 CVE-2011-2339: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-2813HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-2813 [HIGH] CWE-119 CVE-2011-2813: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-3238HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-3238 [HIGH] CWE-119 CVE-2011-3238: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd
CVE-2011-2811HIGHCVSS 7.6≤ 10.4.1v4.0.0+56 more2011-10-12
CVE-2011-2811 [HIGH] CWE-119 CVE-2011-2811: WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
nvd