Apple iTunes up to 12.10.6 on Windows WebKit memory corruption

EntryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical has been found in Apple iTunes up to 12.10.6 on Windows (Multimedia Player Software). Affected is an unknown code block of the component WebKit. Upgrading to version 12.10.7 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1052966310/20/2020VulD...cve_nvd_summaryA memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.cve.mitre.org10/20/2020accepted70
1052966210/20/2020VulD...cve_assigned1583103600cve.mitre.org10/20/2020accepted70
1011864705/30/2020VulD...cvss3_nvd_aHnist.gov05/30/2020accepted100
1011864605/30/2020VulD...cvss3_nvd_iHnist.gov05/30/2020accepted100
1011864505/30/2020VulD...cvss3_nvd_cHnist.gov05/30/2020accepted100
1011864405/30/2020VulD...cvss3_nvd_sUnist.gov05/30/2020accepted100
1011864305/30/2020VulD...cvss3_nvd_uiRnist.gov05/30/2020accepted100
1011864205/30/2020VulD...cvss3_nvd_prNnist.gov05/30/2020accepted100
1011864105/30/2020VulD...cvss3_nvd_acLnist.gov05/30/2020accepted100
1011864005/30/2020VulD...cvss3_nvd_avNnist.gov05/30/2020accepted100
1011862705/30/2020VulD...cvss2_nvd_aiPnist.gov05/30/2020accepted100
1011862605/30/2020VulD...cvss2_nvd_iiPnist.gov05/30/2020accepted100
1011862505/30/2020VulD...cvss2_nvd_ciPnist.gov05/30/2020accepted100
1011862405/30/2020VulD...cvss2_nvd_auNnist.gov05/30/2020accepted100
1011862305/30/2020VulD...cvss2_nvd_acMnist.gov05/30/2020accepted100
1011862205/30/2020VulD...cvss2_nvd_avNnist.gov05/30/2020accepted100
1011861205/30/2020VulD...cwe119 (memory corruption)05/30/2020accepted100
1011860605/30/2020VulD...typeMultimedia Player Software05/30/2020accepted100
1011866905/30/2020VulD...cvss3_nvd_basescore8.8nist.gov05/30/2020accepted90
1011866805/30/2020VulD...cvss3_vuldb_rcC05/30/2020accepted90

Do you want to use VulDB in your project?

Use the official API to access entries easily!