{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-08-12T00:00:00", "descriptions": [{"lang": "en", "value": "Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"name": "itunes-dll-code-execution(61223)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61223"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4105"}, {"name": "oval:org.mitre.oval:def:7217", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7217"}, {"name": "42541", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/42541"}, {"tags": ["x_refsource_MISC"], "url": "http://www.acrossecurity.com/aspr/ASPR-2010-08-18-1-PUB.txt"}, {"name": "20100818 ACROS Security: Remote Binary Planting in Apple iTunes for Windows (ASPR #2010-08-18-1)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/513190/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2010-1795", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "itunes-dll-code-execution(61223)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61223"}, {"name": "http://support.apple.com/kb/HT4105", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4105"}, {"name": "oval:org.mitre.oval:def:7217", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7217"}, {"name": "42541", "refsource": "BID", "url": "http://www.securityfocus.com/bid/42541"}, {"name": "http://www.acrossecurity.com/aspr/ASPR-2010-08-18-1-PUB.txt", "refsource": "MISC", "url": "http://www.acrossecurity.com/aspr/ASPR-2010-08-18-1-PUB.txt"}, {"name": "20100818 ACROS Security: Remote Binary Planting in Apple iTunes for Windows (ASPR #2010-08-18-1)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/513190/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T01:35:53.648Z"}, "title": "CVE Program Container", "references": [{"name": "itunes-dll-code-execution(61223)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61223"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT4105"}, {"name": "oval:org.mitre.oval:def:7217", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7217"}, {"name": "42541", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/42541"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.acrossecurity.com/aspr/ASPR-2010-08-18-1-PUB.txt"}, {"name": "20100818 ACROS Security: Remote Binary Planting in Apple iTunes for Windows (ASPR #2010-08-18-1)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/513190/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2010-1795", "datePublished": "2010-08-20T19:00:00", "dateReserved": "2010-05-06T00:00:00", "dateUpdated": "2024-08-07T01:35:53.648Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:itunes:1.0:-:windows:*:*:*:*:*", "matchCriteriaId": "EEEFF5EC-A455-4B11-9B22-1E79DE3EC45E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:1.1.1:-:windows:*:*:*:*:*", "matchCriteriaId": "5C697C09-C952-4A8F-A1AE-06F423AE7D5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:1.1.2:-:windows:*:*:*:*:*", "matchCriteriaId": "46297466-0506-4767-B49F-9914ACDB2A5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:2.0.0:-:windows:*:*:*:*:*", "matchCriteriaId": "00598334-E6E2-4D14-9B75-F6384DAC5288", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:2.0.1:-:windows:*:*:*:*:*", "matchCriteriaId": "60639271-2C1D-41BD-BEA4-8D1CDAB9E224", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:2.0.2:-:windows:*:*:*:*:*", "matchCriteriaId": "C9A3F04A-2FC3-48F2-B7C3-A159CB14D3F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:2.0.3:-:windows:*:*:*:*:*", "matchCriteriaId": "A4F5B268-399F-4CEC-9996-01BD55841141", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:2.0.4:-:windows:*:*:*:*:*", "matchCriteriaId": "28C2D685-7064-4F75-9100-21212557933A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:3.0.0:-:windows:*:*:*:*:*", "matchCriteriaId": "87DADBB9-FCB8-4970-9B36-B52BB253DEC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:3.0.1:-:windows:*:*:*:*:*", "matchCriteriaId": "49DC6060-C598-4DA3-AC7A-912840492B31", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.0.0:-:windows:*:*:*:*:*", "matchCriteriaId": "262CAFD7-07C2-4C71-B2FC-165A88977881", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.0.1:-:windows:*:*:*:*:*", "matchCriteriaId": "3CA9634F-A553-4B72-BBA2-AD7EAE4DFA81", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.1.0:-:windows:*:*:*:*:*", "matchCriteriaId": "E91D9ACF-2595-4A9A-B581-46F177300B7F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.2.0:-:windows:*:*:*:*:*", "matchCriteriaId": "2320B809-DE44-49AA-9C96-196BF39749C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.5.0:-:windows:*:*:*:*:*", "matchCriteriaId": "FD00E684-506B-4ED6-B48C-7D565CDA188C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.6.0:-:windows:*:*:*:*:*", "matchCriteriaId": "28519DE2-61CA-4943-9247-9F6BCB0367DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.7.0:-:windows:*:*:*:*:*", "matchCriteriaId": "822F3D7E-810F-41B9-823F-D0B54BD1A3B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.7.1:-:windows:*:*:*:*:*", "matchCriteriaId": "359C82A7-F6FB-4140-BD11-2B38B323933A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.8.0:-:windows:*:*:*:*:*", "matchCriteriaId": "E9B16D5E-9EF4-4253-8E07-75C8E5E0E33E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:4.9.0:-:windows:*:*:*:*:*", "matchCriteriaId": "CA2B6657-6E0F-4915-ACB9-219F76D8E38A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:5.0.0:-:windows:*:*:*:*:*", "matchCriteriaId": "10A63976-A435-4F6C-8B09-3001CA3EDC72", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:5.0.1:-:windows:*:*:*:*:*", "matchCriteriaId": "B97DF98E-792B-474E-8820-DF88C4B28A94", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.0:-:windows:*:*:*:*:*", "matchCriteriaId": "97558F66-FA78-454B-B25C-DA2A39CA1A02", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.1:-:windows:*:*:*:*:*", "matchCriteriaId": "B3F084A8-A293-4151-80F6-72C14582E31F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.2:-:windows:*:*:*:*:*", "matchCriteriaId": "7426FDD0-F909-48AB-97C9-C4B25C05E6DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.3:-:windows:*:*:*:*:*", "matchCriteriaId": "372C1609-E534-41E0-87CD-C654BBF0B88F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.4:-:windows:*:*:*:*:*", "matchCriteriaId": "03FCF3E7-0649-43B7-90C8-521E90079156", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.4.2:-:windows:*:*:*:*:*", "matchCriteriaId": "AA515EB9-7BF3-4B2E-800F-F50FFD2E4E16", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.5:-:windows:*:*:*:*:*", "matchCriteriaId": "407AD48A-EA07-456F-B46B-24383E416A95", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.0.0:-:windows:*:*:*:*:*", "matchCriteriaId": "C5B51908-CB81-492D-A437-D0508ABE05FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.0.1:-:windows:*:*:*:*:*", "matchCriteriaId": "0E826E91-CBBF-48D8-A4AD-7FB6830F3769", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.0.2:-:windows:*:*:*:*:*", "matchCriteriaId": "066FC8C7-5A0B-4B2E-A51E-BFB42153FD21", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.1.0:-:windows:*:*:*:*:*", "matchCriteriaId": "0D2412E1-745B-4CFC-B075-1960A1410335", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.1.1:-:windows:*:*:*:*:*", "matchCriteriaId": "45F36172-97A7-4767-BC9E-8DC0444A8635", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.2.0:-:windows:*:*:*:*:*", "matchCriteriaId": "D0D889C7-320C-4674-834F-93C8B1701EAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.3.0:-:windows:*:*:*:*:*", "matchCriteriaId": "23B4660B-D22B-4AC5-B6F2-87F83A2251A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.3.1:-:windows:*:*:*:*:*", "matchCriteriaId": "7F61B45F-86CA-43F6-BA12-62AB0FBAD352", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.3.2:-:windows:*:*:*:*:*", "matchCriteriaId": "9F7D1E31-E28F-4EAD-AAE5-01AE478003B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.4.0:-:windows:*:*:*:*:*", "matchCriteriaId": "91FB2868-DDF9-4D33-B78C-2A5180F9D260", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.4.1:-:windows:*:*:*:*:*", "matchCriteriaId": "AEEC5C0E-DDC5-4B28-8C04-DF69C152E1AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.4.2:-:windows:*:*:*:*:*", "matchCriteriaId": "2F688163-C543-4D58-BF71-DF50FFB0A112", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.4.3:-:windows:*:*:*:*:*", "matchCriteriaId": "8B5044B7-144C-4850-9598-FC90248645EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.5.0:-:windows:*:*:*:*:*", "matchCriteriaId": "0C0CB6DE-46C4-4F9D-B8FD-47C01922D2D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.6.0:-:windows:*:*:*:*:*", "matchCriteriaId": "040B2DB5-8F7D-4272-A0D1-2872B289B125", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.6.1:-:windows:*:*:*:*:*", "matchCriteriaId": "1A957B0E-9A86-40D4-8A39-01895C32838A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.6.2:-:windows:*:*:*:*:*", "matchCriteriaId": "0B7DBB76-5A86-42A3-8A0A-19D616357619", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.7.0:-:windows:*:*:*:*:*", "matchCriteriaId": "BC16747F-9F32-4186-9824-487163276EEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:7.7.1:-:windows:*:*:*:*:*", "matchCriteriaId": "F2043A3A-3578-42D8-AF54-7C8073CA0DB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:8.0:-:windows:*:*:*:*:*", "matchCriteriaId": "8524DF4C-9607-42A9-92DF-815F501C2133", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:8.0.1:-:windows:*:*:*:*:*", "matchCriteriaId": "17517493-027E-4844-85DD-D8ABCDEB1BBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:8.0.2:-:windows:*:*:*:*:*", "matchCriteriaId": "5A653FFB-16BF-439D-A03A-1C9FB6B6AB16", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:8.1:-:windows:*:*:*:*:*", "matchCriteriaId": "891B1042-2F02-4D3A-9F2E-2567B2C0A63C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:8.1.1:-:windows:*:*:*:*:*", "matchCriteriaId": "36690CCC-AA84-4328-9BA5-F26556B1EBE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:8.2:-:windows:*:*:*:*:*", "matchCriteriaId": "9CAB77AB-531A-43DD-8353-598941AC4128", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:8.2.1:-:windows:*:*:*:*:*", "matchCriteriaId": "031526F9-4D73-4D0D-90A1-ED6D6B3CA467", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:9.0.0:-:windows:*:*:*:*:*", "matchCriteriaId": "F517459A-E3CD-4BBC-A38B-C83B0E761939", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:9.0.1:-:windows:*:*:*:*:*", "matchCriteriaId": "F3A1B79A-D89C-416B-9AC6-17E2DC543FDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:9.0.2:-:windows:*:*:*:*:*", "matchCriteriaId": "90B7F3C0-3266-4611-92D9-E39CD6970641", "vulnerable": true}, {"criteria": "cpe:2.3:a:apple:itunes:9.0.3:-:windows:*:*:*:*:*", "matchCriteriaId": "29D70813-38DE-415F-A2C6-08C867B2D726", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory."}, {"lang": "es", "value": "Vulnerabilidad de ruta de b\u00fasqueda no confiable en Apple iTunes anterior a v9.1, cuando se ejecuta en Windows 7, Vista, y XP, permite a atacantes obtener privilegios a trav\u00e9s de una DDL que es un troyano en el directorio actual de trabajo."}], "id": "CVE-2010-1795", "lastModified": "2018-10-10T19:57:51.703", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-08-20T20:00:02.467", "references": [{"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://support.apple.com/kb/HT4105"}, {"source": "product-security@apple.com", "url": "http://www.acrossecurity.com/aspr/ASPR-2010-08-18-1-PUB.txt"}, {"source": "product-security@apple.com", "url": "http://www.securityfocus.com/archive/1/513190/100/0/threaded"}, {"source": "product-security@apple.com", "url": "http://www.securityfocus.com/bid/42541"}, {"source": "product-security@apple.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61223"}, {"source": "product-security@apple.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7217"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}