Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0016

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2009-0016
Last Modified 21 Aug 2010 01:29:33
Published 14 Mar 2009 02:30:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0016

Summary

Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite loop) via a Digital Audio Access Protocol (DAAP) message with a crafted Content-Length header.

Vulnerable Systems

Application

  • Apple Itunes 1.0

  • Apple Itunes 1.1.1

  • Apple Itunes 1.1.2

  • Apple Itunes 2.0

  • Apple Itunes 2.0.1

  • Apple Itunes 2.0.2

  • Apple Itunes 2.0.3

  • Apple Itunes 2.0.4

  • Apple Itunes 3.0

  • Apple Itunes 3.0.1

  • Apple Itunes 4.0

  • Apple Itunes 4.0.0

  • Apple Itunes 4.0.1

  • Apple Itunes 4.1

  • Apple Itunes 4.1.0

  • Apple Itunes 4.2

  • Apple Itunes 4.2.0

  • Apple Itunes 4.2.72

  • Apple Itunes 4.5

  • Apple Itunes 4.5.0

  • Apple Itunes 4.6

  • Apple Itunes 4.6.0

  • Apple Itunes 4.7

  • Apple Itunes 4.7.0

  • Apple Itunes 4.7.1

  • Apple Itunes 4.7.1.30

  • Apple Itunes 4.8

  • Apple Itunes 4.8.0

  • Apple Itunes 4.9

  • Apple Itunes 4.9.0

  • Apple Itunes 5.0

  • Apple Itunes 5.0.0

  • Apple Itunes 5.0.1

  • Apple Itunes 6.0

  • Apple Itunes 6.0.0

  • Apple Itunes 6.0.1

  • Apple Itunes 6.0.2

  • Apple Itunes 6.0.3

  • Apple Itunes 6.0.4

  • Apple Itunes 6.0.4.2

  • Apple Itunes 6.0.5

  • Apple Itunes 7.0.0

  • Apple Itunes 7.0.1

  • Apple Itunes 7.0.2

  • Apple Itunes 7.1.0

  • Apple Itunes 7.1.1

  • Apple Itunes 7.2.0

  • Apple Itunes 7.3.0

  • Apple Itunes 7.3.1

  • Apple Itunes 7.3.2

  • Apple Itunes 7.4

  • Apple Itunes 7.4.0

  • Apple Itunes 7.4.1

  • Apple Itunes 7.4.2

  • Apple Itunes 7.4.3

  • Apple Itunes 7.5

  • Apple Itunes 7.5.0

  • Apple Itunes 7.6

  • Apple Itunes 7.6.0

  • Apple Itunes 7.6.1

  • Apple Itunes 7.6.2

  • Apple Itunes 7.7

  • Apple Itunes 7.7.0

  • Apple Itunes 7.7.1

  • Apple Itunes 8.0


References

CONFIRM - http://support.apple.com/kb/HT3487

APPLE - APPLE-SA-2009-03-11

XF - itunes-daap-dos(49200)

VUPEN - ADV-2009-0702

BID - 34094

BUGTRAQ - 20090313 Apple iTunes DAAP Messages Handling Denial of Service Vulnerability

MISC - http://www.fortiguardcenter.com/advisory/FGA-2009-11.html

SECTRACK - 1021842

SECUNIA - 34254

OSVDB - 52578

FULLDISC - 20090312 Apple iTunes DAAP Messages Handling Denial of Service Vulnerability


Last Updated: 27 May 2016 10:49:33