Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3634

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2008-3634
Last Modified 11 Sep 2008 12:00:00
Published 10 Sep 2008 09:13:09
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2008-3634

Summary

Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information.

Vulnerable Systems

Application

  • Apple Itunes

  • Apple Itunes 1.0

  • Apple Itunes 1.1

  • Apple Itunes 1.1.1

  • Apple Itunes 1.1.2

  • Apple Itunes 2.0

  • Apple Itunes 2.0.1

  • Apple Itunes 2.0.2

  • Apple Itunes 2.0.3

  • Apple Itunes 2.0.4

  • Apple Itunes 3.0

  • Apple Itunes 3.0.1

  • Apple Itunes 4.0

  • Apple Itunes 4.0.1

  • Apple Itunes 4.1

  • Apple Itunes 4.2

  • Apple Itunes 4.2.72

  • Apple Itunes 4.5

  • Apple Itunes 4.6

  • Apple Itunes 4.7

  • Apple Itunes 4.7.1

  • Apple Itunes 4.7.1.30

  • Apple Itunes 4.8

  • Apple Itunes 4.9

  • Apple Itunes 5.0

  • Apple Itunes 5.0.1

  • Apple Itunes 6.0

  • Apple Itunes 6.0.1

  • Apple Itunes 6.0.2

  • Apple Itunes 6.0.3

  • Apple Itunes 6.0.4

  • Apple Itunes 6.0.4.2

  • Apple Itunes 6.0.5

  • Apple Itunes 7.0.2

  • Apple Itunes 7.3.2

  • Apple Itunes 7.4

  • Apple Itunes 7.4.1

  • Apple Itunes 7.4.2

  • Apple Itunes 7.4.3

  • Apple Itunes 7.5

  • Apple Itunes 7.6

  • Apple Itunes 7.6.1

  • Apple Itunes 7.6.2

  • Apple Itunes 7.7

  • Apple Itunes 7.7.1


References

BID - 31090

APPLE - APPLE-SA-2009-09-09

SECTRACK - 1020840

Related Patches

Apple 2008-09-09 iTunes 8 for Mac (Update) (See Note)


Last Updated: 27 May 2016 10:48:15