CVE-2010-0532

Published Mar 31, 2010

Last updated 7 years ago

CVSS info 6.9

Overview

Description: Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse.
Source: product-security@apple.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.9
Impact score: 10
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-362

Hype score: Not currently trending

Evaluator

Comment: -
Impact: Per: http://lists.apple.com/archives/security-announce/2010//Mar/msg00003.html 'This issue does not affect Mac OS X systems.'
Solution: Per: http://lists.apple.com/archives/security-announce/2010//Mar/msg00003.html 'This issue does not affect Mac OS X systems.'

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apple:itunes:*:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F63692D6-3FAD-449C-B610-35479FBDE89C",
            "versionEndIncluding": "9.0.3"
          },
          {
            "criteria": "cpe:2.3:a:apple:itunes:9.0:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1E809C8-4212-4C32-B3C9-314859CE04EB"
          },
          {
            "criteria": "cpe:2.3:a:apple:itunes:9.0.0:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F517459A-E3CD-4BBC-A38B-C83B0E761939"
          },
          {
            "criteria": "cpe:2.3:a:apple:itunes:9.0.1:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3A1B79A-D89C-416B-9AC6-17E2DC543FDD"
          },
          {
            "criteria": "cpe:2.3:a:apple:itunes:9.0.2:-:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90B7F3C0-3266-4611-92D9-E39CD6970641"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References