CVE-2008-3634

Apple iTunes <8.0 - Info Disclosure

Title source: llm
STIX 2.1

Description

Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information.

References (3)

Core 3
Core References
Patch, Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce//2008/Sep/msg00001.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1020840
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/31090

Scores

EPSS 0.0164
EPSS Percentile 73.6%

Details

CWE
CWE-200
Status published
Products (44)
apple/itunes
apple/itunes 1.0
apple/itunes 1.1
apple/itunes 1.1.1
apple/itunes 1.1.2
apple/itunes 2.0
apple/itunes 2.0.1
apple/itunes 2.0.2
apple/itunes 2.0.3
apple/itunes 2.0.4
... and 34 more
Published Sep 11, 2008
Tracked Since Feb 18, 2026