{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2008-09-10T16:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "APPLE-SA-2009-09-09", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00001.html"}, {"name": "1020840", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1020840"}, {"name": "31090", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/31090"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-3634", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "APPLE-SA-2009-09-09", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00001.html"}, {"name": "1020840", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1020840"}, {"name": "31090", "refsource": "BID", "url": "http://www.securityfocus.com/bid/31090"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T09:45:19.020Z"}, "title": "CVE Program Container", "references": [{"name": "APPLE-SA-2009-09-09", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00001.html"}, {"name": "1020840", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1020840"}, {"name": "31090", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/31090"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-3634", "datePublished": "2008-09-10T16:00:00.000Z", "dateReserved": "2008-08-12T00:00:00.000Z", "dateUpdated": "2024-09-16T17:14:56.121Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643", "vulnerable": false}, {"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C7FAB2A-936D-43A5-9F2F-D2EE8B7BA3CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "matchCriteriaId": "075059D3-9F2B-4746-9D85-597CAA0D476E", "versionEndIncluding": "7.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A8659A87-1197-4C3B-A076-90FE3A453205", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4E15C097-98DE-4217-8814-95B54CE418F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "FC4179C0-CA2C-42D7-AD72-A19668662A62", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "A0A8AD07-07A4-4384-BE4D-8DB0F2E902A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4AD3FBB2-EF88-42B5-8745-0DE5A3BB340C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "EA630BC5-DF1D-4602-A3AA-3319F3C5C9B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1EB1098-87E1-45DC-BD44-2B374BAA758C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "49DD3B1C-1743-434B-B67F-A3C1B350059A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "4E27E1D8-0303-4F91-B1B0-38C64A8F04F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F995CF65-E3DD-4C54-B3F5-417C6F75D930", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "44964DEC-DC35-4DCE-B28D-687348758163", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "A8F1A117-8508-4274-99EA-D58F54EBBA6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C910CA4-5EA5-4507-BDE9-3E6C1434B666", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "4490461A-84C7-42C3-A61B-4E6EF5980B47", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "D365C93F-D06C-4FB0-8192-A4E84B6B2F3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.2.72:*:*:*:*:*:*:*", "matchCriteriaId": "42486BD7-4371-46EE-B670-CED685872E6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "C4B6A66A-AC5F-48E0-ABCE-68828207B106", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "071BFB1F-402B-4D8C-8155-671792AEDB81", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.7:*:*:*:*:*:*:*", "matchCriteriaId": "DCBA60E9-C5B5-4B4C-9FA3-7FE0F3F6871C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFB9D7E1-B715-4A93-9CDB-99A89C7D85B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.7.1.30:*:*:*:*:*:*:*", "matchCriteriaId": "B00EDB73-7A1B-4847-903A-88729269E1AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.8:*:*:*:*:*:*:*", "matchCriteriaId": "07040FC1-6BFE-4E8F-A089-1166404BE33B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "D6573035-D208-4C4C-98A4-A7BA26C6AB15", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B48FDD0A-6DE5-44DD-B144-32B91DB26C7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B591AE1E-02DB-462A-B71F-48947525D232", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "FCD0C29E-FB9F-41DE-968F-46DD0EA55003", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2276BED4-82F0-4F62-AA6F-7E1667F28E3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "45D47548-1C4D-4368-99D1-929905DD6B3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "28AE8D2D-63CA-4091-9D59-CE919EB1FD75", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "EC9E22D2-551A-4CDF-B9F0-C45A3A2B7695", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "52A433A5-3EFF-405D-8285-97EC88857968", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "D62A1C5D-C25E-4E56-8FD0-F90C8E39C7F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "6FEE6DEC-9B26-47F4-A2CF-CA49981C8864", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0BA3571F-9221-45CD-9798-CC72CA428D6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "129ABCA4-FBF6-41B8-BF6B-65467D56D297", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6122C685-4F02-476F-9A41-9C62D3D92651", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "17D37426-00A0-40E5-A27A-CF31D8CBAEEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "3E11CADC-AFCC-4A98-9271-C35BC9752B40", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "11F1530E-9E63-4A39-9056-3A946A34B650", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "29E92D8D-68AB-4FC4-A37A-D6D48829B58D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "FDE7F79F-54F5-4315-98BD-414CA2D1C51E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "DBBF2E9F-0F37-4DDA-9704-B31D94745257", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "BBA5AB05-ADF6-4B5D-A4FD-9C149EC4577F", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information."}, {"lang": "es", "value": "Aplicaci\u00f3n Itunes anterior a la v8 sobre Mac OS X 10.4.11, cuando iTunes Sharing se encuentra habilitado pero bloqueado por el cortafuegos del sistema, muestra informaci\u00f3n falsa (enga\u00f1osa) sobre la seguridad del cortafuegos. Esto podr\u00eda ser aprovechado por atacantes remotos. El administrador no obviar\u00eda esta cuesti\u00f3n si se le diera mejor informaci\u00f3n al respecto."}], "id": "CVE-2008-3634", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-09-11T01:13:09.977", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00001.html"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1020840"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/31090"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1020840"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/31090"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}