CVE-2011-0192
Vulnerability from cvelistv5
Published
2011-03-03 19:00
Modified
2024-08-06 21:43
Severity ?
Summary
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information.
References
product-security@apple.comhttp://blackberry.com/btsc/KB27244
product-security@apple.comhttp://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
product-security@apple.comhttp://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
product-security@apple.comhttp://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
product-security@apple.comhttp://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
product-security@apple.comhttp://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
product-security@apple.comhttp://lists.apple.com/archives/security-announce/2011/Mar/msg00000.htmlPatch, Vendor Advisory
product-security@apple.comhttp://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
product-security@apple.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html
product-security@apple.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html
product-security@apple.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html
product-security@apple.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html
product-security@apple.comhttp://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
product-security@apple.comhttp://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
product-security@apple.comhttp://secunia.com/advisories/43585
product-security@apple.comhttp://secunia.com/advisories/43593
product-security@apple.comhttp://secunia.com/advisories/43664
product-security@apple.comhttp://secunia.com/advisories/43934
product-security@apple.comhttp://secunia.com/advisories/44117
product-security@apple.comhttp://secunia.com/advisories/44135
product-security@apple.comhttp://secunia.com/advisories/50726
product-security@apple.comhttp://security.gentoo.org/glsa/glsa-201209-02.xml
product-security@apple.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.587820
product-security@apple.comhttp://support.apple.com/kb/HT4554Vendor Advisory
product-security@apple.comhttp://support.apple.com/kb/HT4564
product-security@apple.comhttp://support.apple.com/kb/HT4565
product-security@apple.comhttp://support.apple.com/kb/HT4566
product-security@apple.comhttp://support.apple.com/kb/HT4581
product-security@apple.comhttp://support.apple.com/kb/HT4999
product-security@apple.comhttp://support.apple.com/kb/HT5001
product-security@apple.comhttp://www.debian.org/security/2011/dsa-2210
product-security@apple.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:043
product-security@apple.comhttp://www.redhat.com/support/errata/RHSA-2011-0318.html
product-security@apple.comhttp://www.securityfocus.com/bid/46658
product-security@apple.comhttp://www.securitytracker.com/id?1025153
product-security@apple.comhttp://www.vupen.com/english/advisories/2011/0551
product-security@apple.comhttp://www.vupen.com/english/advisories/2011/0599
product-security@apple.comhttp://www.vupen.com/english/advisories/2011/0621
product-security@apple.comhttp://www.vupen.com/english/advisories/2011/0845
product-security@apple.comhttp://www.vupen.com/english/advisories/2011/0905
product-security@apple.comhttp://www.vupen.com/english/advisories/2011/0930
product-security@apple.comhttp://www.vupen.com/english/advisories/2011/0960
product-security@apple.comhttps://bugzilla.redhat.com/show_bug.cgi?id=678635
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.366Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2011-0845",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0845"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4564"
          },
          {
            "name": "SUSE-SR:2011:009",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4565"
          },
          {
            "name": "ADV-2011-0599",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0599"
          },
          {
            "name": "SSA:2011-098-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.587820"
          },
          {
            "name": "46658",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46658"
          },
          {
            "name": "APPLE-SA-2011-10-12-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
          },
          {
            "name": "43934",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43934"
          },
          {
            "name": "FEDORA-2011-2498",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4566"
          },
          {
            "name": "FEDORA-2011-3836",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"
          },
          {
            "name": "ADV-2011-0621",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0621"
          },
          {
            "name": "ADV-2011-0905",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0905"
          },
          {
            "name": "DSA-2210",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2210"
          },
          {
            "name": "APPLE-SA-2011-03-21-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
          },
          {
            "name": "SUSE-SR:2011:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blackberry.com/btsc/KB27244"
          },
          {
            "name": "RHSA-2011:0318",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"
          },
          {
            "name": "APPLE-SA-2011-03-02-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
          },
          {
            "name": "43664",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43664"
          },
          {
            "name": "ADV-2011-0551",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0551"
          },
          {
            "name": "GLSA-201209-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
          },
          {
            "name": "APPLE-SA-2011-03-09-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
          },
          {
            "name": "ADV-2011-0930",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0930"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4999"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"
          },
          {
            "name": "1025153",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1025153"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5001"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4554"
          },
          {
            "name": "APPLE-SA-2011-03-09-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
          },
          {
            "name": "44135",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44135"
          },
          {
            "name": "ADV-2011-0960",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0960"
          },
          {
            "name": "43585",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43585"
          },
          {
            "name": "APPLE-SA-2011-03-09-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"
          },
          {
            "name": "44117",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44117"
          },
          {
            "name": "APPLE-SA-2011-10-12-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"
          },
          {
            "name": "MDVSA-2011:043",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"
          },
          {
            "name": "43593",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43593"
          },
          {
            "name": "FEDORA-2011-3827",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"
          },
          {
            "name": "FEDORA-2011-2540",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"
          },
          {
            "name": "50726",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50726"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4581"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-02-10T16:57:01",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "name": "ADV-2011-0845",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0845"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4564"
        },
        {
          "name": "SUSE-SR:2011:009",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4565"
        },
        {
          "name": "ADV-2011-0599",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0599"
        },
        {
          "name": "SSA:2011-098-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.587820"
        },
        {
          "name": "46658",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46658"
        },
        {
          "name": "APPLE-SA-2011-10-12-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
        },
        {
          "name": "43934",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43934"
        },
        {
          "name": "FEDORA-2011-2498",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4566"
        },
        {
          "name": "FEDORA-2011-3836",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"
        },
        {
          "name": "ADV-2011-0621",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0621"
        },
        {
          "name": "ADV-2011-0905",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0905"
        },
        {
          "name": "DSA-2210",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2210"
        },
        {
          "name": "APPLE-SA-2011-03-21-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
        },
        {
          "name": "SUSE-SR:2011:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blackberry.com/btsc/KB27244"
        },
        {
          "name": "RHSA-2011:0318",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"
        },
        {
          "name": "APPLE-SA-2011-03-02-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
        },
        {
          "name": "43664",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43664"
        },
        {
          "name": "ADV-2011-0551",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0551"
        },
        {
          "name": "GLSA-201209-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
        },
        {
          "name": "APPLE-SA-2011-03-09-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
        },
        {
          "name": "ADV-2011-0930",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0930"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4999"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"
        },
        {
          "name": "1025153",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1025153"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5001"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4554"
        },
        {
          "name": "APPLE-SA-2011-03-09-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
        },
        {
          "name": "44135",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44135"
        },
        {
          "name": "ADV-2011-0960",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0960"
        },
        {
          "name": "43585",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43585"
        },
        {
          "name": "APPLE-SA-2011-03-09-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"
        },
        {
          "name": "44117",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44117"
        },
        {
          "name": "APPLE-SA-2011-10-12-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"
        },
        {
          "name": "MDVSA-2011:043",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"
        },
        {
          "name": "43593",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43593"
        },
        {
          "name": "FEDORA-2011-3827",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"
        },
        {
          "name": "FEDORA-2011-2540",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"
        },
        {
          "name": "50726",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/50726"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4581"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0192",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2011-0845",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0845"
            },
            {
              "name": "http://support.apple.com/kb/HT4564",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4564"
            },
            {
              "name": "SUSE-SR:2011:009",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4565",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4565"
            },
            {
              "name": "ADV-2011-0599",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0599"
            },
            {
              "name": "SSA:2011-098-01",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.587820"
            },
            {
              "name": "46658",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/46658"
            },
            {
              "name": "APPLE-SA-2011-10-12-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
            },
            {
              "name": "43934",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43934"
            },
            {
              "name": "FEDORA-2011-2498",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4566",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4566"
            },
            {
              "name": "FEDORA-2011-3836",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html"
            },
            {
              "name": "ADV-2011-0621",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0621"
            },
            {
              "name": "ADV-2011-0905",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0905"
            },
            {
              "name": "DSA-2210",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2210"
            },
            {
              "name": "APPLE-SA-2011-03-21-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
            },
            {
              "name": "SUSE-SR:2011:005",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
            },
            {
              "name": "http://blackberry.com/btsc/KB27244",
              "refsource": "CONFIRM",
              "url": "http://blackberry.com/btsc/KB27244"
            },
            {
              "name": "RHSA-2011:0318",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0318.html"
            },
            {
              "name": "APPLE-SA-2011-03-02-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
            },
            {
              "name": "43664",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43664"
            },
            {
              "name": "ADV-2011-0551",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0551"
            },
            {
              "name": "GLSA-201209-02",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
            },
            {
              "name": "APPLE-SA-2011-03-09-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
            },
            {
              "name": "ADV-2011-0930",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0930"
            },
            {
              "name": "http://support.apple.com/kb/HT4999",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4999"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=678635",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678635"
            },
            {
              "name": "1025153",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1025153"
            },
            {
              "name": "http://support.apple.com/kb/HT5001",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5001"
            },
            {
              "name": "http://support.apple.com/kb/HT4554",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4554"
            },
            {
              "name": "APPLE-SA-2011-03-09-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
            },
            {
              "name": "44135",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44135"
            },
            {
              "name": "ADV-2011-0960",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0960"
            },
            {
              "name": "43585",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43585"
            },
            {
              "name": "APPLE-SA-2011-03-09-3",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html"
            },
            {
              "name": "44117",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44117"
            },
            {
              "name": "APPLE-SA-2011-10-12-2",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html"
            },
            {
              "name": "MDVSA-2011:043",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:043"
            },
            {
              "name": "43593",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43593"
            },
            {
              "name": "FEDORA-2011-3827",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html"
            },
            {
              "name": "FEDORA-2011-2540",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html"
            },
            {
              "name": "50726",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/50726"
            },
            {
              "name": "http://support.apple.com/kb/HT4581",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4581"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0192",
    "datePublished": "2011-03-03T19:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.366Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-0192\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2011-03-03T20:00:02.643\",\"lastModified\":\"2014-02-21T04:39:24.093\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer en LibTIFF en ImageIO en iTunes de Apple antesrior a v10.2 en Windows permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o causar una denegaci\u00f3n de servicio (solicitud de bloqueo) a trav\u00e9s de una imagen TIFF manipulada con CCITT Grupo 4 de codificaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":9.3},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.1.2\",\"matchCriteriaId\":\"E40F7857-8F3F-4707-B3AA-A12C0731BB83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CBD58D1-C40D-4F6D-816F-A3842897EB05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C910CA4-5EA5-4507-BDE9-3E6C1434B666\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0415D4B8-0281-4ED5-B3A1-A97BDD0F8D36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1B4195D-1550-42D1-B562-0E438F7ACC2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4B6A66A-AC5F-48E0-ABCE-68828207B106\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1206A192-A22C-4C55-A323-1D28D89BED21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"071BFB1F-402B-4D8C-8155-671792AEDB81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52E156DE-12B4-4E7A-B8C4-C2FC0AC2B2C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCBA60E9-C5B5-4B4C-9FA3-7FE0F3F6871C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93748DFC-6003-4BED-87F9-98713F6897EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFB9D7E1-B715-4A93-9CDB-99A89C7D85B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A8873F1-4792-41A1-83B5-B85C9F4A7D56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB84AFE4-2694-475A-80D3-4D50C524EE18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:4.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB20AA2E-5DF0-420C-A1FE-BB6EBA9649FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B48FDD0A-6DE5-44DD-B144-32B91DB26C7E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8343D87F-FA37-4225-B27D-BCCDD2433C31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B591AE1E-02DB-462A-B71F-48947525D232\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34B5892B-0377-4D81-9E0E-94B8D8CE72C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2276BED4-82F0-4F62-AA6F-7E1667F28E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45D47548-1C4D-4368-99D1-929905DD6B3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28AE8D2D-63CA-4091-9D59-CE919EB1FD75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC9E22D2-551A-4CDF-B9F0-C45A3A2B7695\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:6.0.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52A433A5-3EFF-405D-8285-97EC88857968\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:6.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D62A1C5D-C25E-4E56-8FD0-F90C8E39C7F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"582D1FE8-C4E8-4385-B4EB-34320F019E43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF61CE34-5130-4B1A-B7A2-B28C1A18B9BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FEE6DEC-9B26-47F4-A2CF-CA49981C8864\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2223B8E2-346A-4C37-9F6C-879F9CA64C06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93E5227C-0621-43EE-A0F2-4B4545D71852\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB69B123-7A09-4855-9846-E8ACACB3C6F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0CC53F2-3827-4CA3-8726-C481B57B4AB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C1AFF8F-BBCA-4C93-A401-F8B478327BFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BA3571F-9221-45CD-9798-CC72CA428D6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"129ABCA4-FBF6-41B8-BF6B-65467D56D297\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"017E5A35-D778-46FD-A536-E57A13162675\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6122C685-4F02-476F-9A41-9C62D3D92651\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17D37426-00A0-40E5-A27A-CF31D8CBAEEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E11CADC-AFCC-4A98-9271-C35BC9752B40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11F1530E-9E63-4A39-9056-3A946A34B650\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3856A348-A0D6-4A0A-A8C9-D369CC863A97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29E92D8D-68AB-4FC4-A37A-D6D48829B58D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"670656BF-2BE2-41ED-854A-466DC4068FBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDE7F79F-54F5-4315-98BD-414CA2D1C51E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBBF2E9F-0F37-4DDA-9704-B31D94745257\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBA5AB05-ADF6-4B5D-A4FD-9C149EC4577F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1143A4DE-F75B-4396-9D01-CE14EF8FCB39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:7.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDF87AB4-B3F3-4774-8CE3-A2B46C3D8DC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A02D076B-5900-401D-9B47-5136B9CEAA15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:8.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E479501-8832-41B0-A63C-360AE5A1B420\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:8.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8961EDA-B567-4D92-8DBC-F887712F3BD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A60A3349-DE6E-4381-81C0-E682B791ED61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EF2759C-6F94-4769-8EB2-16947C05CBB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0F53FF4-8A15-475C-9FF6-54073A3F1B08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80AFD7E5-A66F-4E43-BC34-EB6BF59186D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:9.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E41B2E2A-CE22-49FD-9558-0E6C87F53425\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:9.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1950796-DA96-4443-85F4-91FE38A26612\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:9.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5EBED9A-DCF4-47FE-9A6D-4573594AA645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:9.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F7EA3F3-576C-4661-B35F-EC34CE363125\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C3A6055-2626-4A6E-9596-9974E7437FB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:9.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00AF4F28-A71C-4CB3-8F5F-C15500332954\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5817849-ADD0-4905-87D5-4D61DB635747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:10.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96E90253-3F7D-4361-819B-5D49657F4472\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84336EBA-5EC0-4C49-B1B9-9DAB23D5C3C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:10.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CDE68E5-744B-4E18-BB74-83D7185E6A57\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D56B932B-9593-44E2-B610-E4EB2143EB21\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3852BB02-47A1-40B3-8E32-8D8891A53114\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C162FFF0-1E8F-4DCF-A08F-6C6E324ED878\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A0D2704-C058-420B-B368-372D1129E914\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B339C33-8896-4896-88FF-88E74FDBC543\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE477A73-4EE4-41E9-8694-5A3D5DC88656\"}]}]}],\"references\":[{\"url\":\"http://blackberry.com/btsc/KB27244\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html\",\"source\":\"product-security@apple.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057763.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057840.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055240.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055683.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://secunia.com/advisories/43585\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://secunia.com/advisories/43593\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://secunia.com/advisories/43664\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://secunia.com/advisories/43934\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://secunia.com/advisories/44117\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://secunia.com/advisories/44135\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://secunia.com/advisories/50726\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201209-02.xml\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.587820\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4554\",\"source\":\"product-security@apple.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT4564\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4565\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4566\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4581\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT4999\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://support.apple.com/kb/HT5001\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.debian.org/security/2011/dsa-2210\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:043\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0318.html\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.securityfocus.com/bid/46658\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.securitytracker.com/id?1025153\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0551\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0599\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0621\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0845\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0905\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0930\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0960\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=678635\",\"source\":\"product-security@apple.com\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.