CVE-2013-1035
Published Sep 19, 2013
Last updated 7 years ago
Overview
- Description
- The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
- Source
- product-security@apple.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08B52D6A-07AF-4B70-A815-133933767E50",
"versionEndIncluding": "11.0.5"
},
{
"criteria": "cpe:2.3:a:apple:itunes:11.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3979F15D-34E1-49F6-BCCE-21F4F680D9D8"
},
{
"criteria": "cpe:2.3:a:apple:itunes:11.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D0181AF-C382-4500-A7AC-220DCD619F96"
},
{
"criteria": "cpe:2.3:a:apple:itunes:11.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B04367A-1C86-4CF6-BCB7-3FA4D920E452"
},
{
"criteria": "cpe:2.3:a:apple:itunes:11.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F346750-0E04-46BC-94DD-524A2893D8FD"
},
{
"criteria": "cpe:2.3:a:apple:itunes:11.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "48E955F0-51D4-4B91-AE05-5653800C3AC9"
}
],
"operator": "OR"
}
]
}
]