CVE-2009-0016

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2009-0016
Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite loop) via a Digital Audio Access Protocol (DAAP) message with a crafted Content-Length header.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0236.html
http://lists.apple.com/archives/security-announce//2009/Mar/msg00001.html Patch Vendor Advisory
http://osvdb.org/52578
http://secunia.com/advisories/34254 Vendor Advisory
http://securitytracker.com/id?1021842
http://support.apple.com/kb/HT3487 Patch Vendor Advisory
http://www.fortiguardcenter.com/advisory/FGA-2009-11.html
http://www.securityfocus.com/archive/1/501758/100/0/threaded
http://www.securityfocus.com/bid/34094
http://www.vupen.com/english/advisories/2009/0702
https://exchange.xforce.ibmcloud.com/vulnerabilities/49200
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6001
http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0236.html
http://lists.apple.com/archives/security-announce//2009/Mar/msg00001.html Patch Vendor Advisory
http://osvdb.org/52578
http://secunia.com/advisories/34254 Vendor Advisory
http://securitytracker.com/id?1021842
http://support.apple.com/kb/HT3487 Patch Vendor Advisory
http://www.fortiguardcenter.com/advisory/FGA-2009-11.html
http://www.securityfocus.com/archive/1/501758/100/0/threaded
http://www.securityfocus.com/bid/34094
http://www.vupen.com/english/advisories/2009/0702
https://exchange.xforce.ibmcloud.com/vulnerabilities/49200
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6001
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:apple:itunes:*:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:1.0:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:1.1.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:1.1.2:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:2.0:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:2.0.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:2.0.2:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:2.0.3:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:2.0.4:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:3.0:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:3.0.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.0:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.0.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.0.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.0.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.1.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.2:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.2.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.2.72:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.5:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.5.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.6:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.6.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.7:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.7.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.7.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.7.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.7.1.30:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.8:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.8.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.9:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:4.9.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:5.0:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:5.0.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:5.0.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:5.0.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:6.0:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:6.0.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:6.0.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:6.0.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:6.0.2:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:6.0.2:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:6.0.3:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:6.0.3:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:6.0.4:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:6.0.4:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:6.0.4.2:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:6.0.5:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:6.0.5:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.0.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.0.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.0.2:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.0.2:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.1.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.1.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.2.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.3.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.3.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.3.2:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.3.2:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.4:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.4.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.4.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.4.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.4.2:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.4.2:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.4.3:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.5:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.5.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.6:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.6.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.6.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.6.1:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.6.2:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.7:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.7.0:-:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.7.1:*:windows:*:*:*:*:*
cpe:2.3:a:apple:itunes:7.7.1:-:windows:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
History

21 Nov 2024, 00:58

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0236.html - () http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0236.html -
References () http://lists.apple.com/archives/security-announce//2009/Mar/msg00001.html - Patch, Vendor Advisory () http://lists.apple.com/archives/security-announce//2009/Mar/msg00001.html - Patch, Vendor Advisory
References () http://osvdb.org/52578 - () http://osvdb.org/52578 -
References () http://secunia.com/advisories/34254 - Vendor Advisory () http://secunia.com/advisories/34254 - Vendor Advisory
References () http://securitytracker.com/id?1021842 - () http://securitytracker.com/id?1021842 -
References () http://support.apple.com/kb/HT3487 - Patch, Vendor Advisory () http://support.apple.com/kb/HT3487 - Patch, Vendor Advisory
References () http://www.fortiguardcenter.com/advisory/FGA-2009-11.html - () http://www.fortiguardcenter.com/advisory/FGA-2009-11.html -
References () http://www.securityfocus.com/archive/1/501758/100/0/threaded - () http://www.securityfocus.com/archive/1/501758/100/0/threaded -
References () http://www.securityfocus.com/bid/34094 - () http://www.securityfocus.com/bid/34094 -
References () http://www.vupen.com/english/advisories/2009/0702 - () http://www.vupen.com/english/advisories/2009/0702 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/49200 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/49200 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6001 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6001 -
Information

Published : 2009-03-14 18:30

Updated : 2024-11-21 00:58

NVD link : CVE-2009-0016

Mitre link : CVE-2009-0016

CVE.ORG link : CVE-2009-0016

JSON object : View

Products Affected

apple

  • itunes

microsoft

  • windows
CWE
CWE-20

Improper Input Validation