CVE-2009-0950 - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

CVE CVE-2009-0950
Status UNKNOWN
Description Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon.
Severity High
CVSS score 9,3
CVSS vector (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Phase ASSIGNED (07.08.2009)
NVD: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0950
References APPLE : APPLE-SA-2009-06-01-2
BID : 35157
BUGTRAQ : 20090602 Re: TPTI-09-03: Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities
CONFIRM : http://support.apple.com/kb/HT3592
MILW0RM : 8861
MILW0RM : 8934
MISC : http://redpig.dataspill.org/2009/05/drive-by-attac...
MISC : http://static.dataspill.org/releases/itunes/itms_o...
OSVDB : 54833
SECTRACK : 1022313
SECUNIA : 35314
VUPEN : ADV-2009-1470
XF : itunes-itms-bo(50899)
SecurityVulns: Apple iTunes multiple security vulnerabilities

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server