NVD Vulnerability Detail

CVE-2008-3634

Summary	Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information.
Summary	Aplicación Itunes anterior a la v8 sobre Mac OS X 10.4.11, cuando iTunes Sharing se encuentra habilitado pero bloqueado por el cortafuegos del sistema, muestra información falsa (engañosa) sobre la seguridad del cortafuegos. Esto podría ser aprovechado por atacantes remotos. El administrador no obviaría esta cuestión si se le diera mejor información al respecto.
Publication Date	Sept. 11, 2008, 10:13 a.m.
Registration Date	Jan. 29, 2021, 1:40 p.m.
Last Update	April 23, 2026, 9:35 a.m.

CVSS2.0 : LOW
Score	2.6
Vector	AV:N/AC:H/Au:N/C:P/I:N/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	高
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	なし
可用性への影響(A)	なし
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1		or higher	or less	more than	less than

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:apple:itunes::::::::
cpe:2.3:a:apple:itunes::::::::		7.7.1
cpe:2.3:a:apple:itunes:1.0:::::::*
cpe:2.3:a:apple:itunes:1.1:::::::*
cpe:2.3:a:apple:itunes:1.1.1:::::::*
cpe:2.3:a:apple:itunes:1.1.2:::::::*
cpe:2.3:a:apple:itunes:2.0:::::::*
cpe:2.3:a:apple:itunes:2.0.1:::::::*
cpe:2.3:a:apple:itunes:2.0.2:::::::*
cpe:2.3:a:apple:itunes:2.0.3:::::::*
cpe:2.3:a:apple:itunes:2.0.4:::::::*
cpe:2.3:a:apple:itunes:3.0:::::::*
cpe:2.3:a:apple:itunes:3.0.1:::::::*
cpe:2.3:a:apple:itunes:4.0:::::::*
cpe:2.3:a:apple:itunes:4.0.1:::::::*
cpe:2.3:a:apple:itunes:4.1:::::::*
cpe:2.3:a:apple:itunes:4.2:::::::*
cpe:2.3:a:apple:itunes:4.2.72:::::::*
cpe:2.3:a:apple:itunes:4.5:::::::*
cpe:2.3:a:apple:itunes:4.6:::::::*
cpe:2.3:a:apple:itunes:4.7:::::::*
cpe:2.3:a:apple:itunes:4.7.1:::::::*
cpe:2.3:a:apple:itunes:4.7.1.30:::::::*
cpe:2.3:a:apple:itunes:4.8:::::::*
cpe:2.3:a:apple:itunes:4.9:::::::*
cpe:2.3:a:apple:itunes:5.0:::::::*
cpe:2.3:a:apple:itunes:5.0.1:::::::*
cpe:2.3:a:apple:itunes:6.0:::::::*
cpe:2.3:a:apple:itunes:6.0.1:::::::*
cpe:2.3:a:apple:itunes:6.0.2:::::::*
cpe:2.3:a:apple:itunes:6.0.3:::::::*
cpe:2.3:a:apple:itunes:6.0.4:::::::*
cpe:2.3:a:apple:itunes:6.0.4.2:::::::*
cpe:2.3:a:apple:itunes:6.0.5:::::::*
cpe:2.3:a:apple:itunes:7.0.2:::::::*
cpe:2.3:a:apple:itunes:7.3.2:::::::*
cpe:2.3:a:apple:itunes:7.4:::::::*
cpe:2.3:a:apple:itunes:7.4.1:::::::*
cpe:2.3:a:apple:itunes:7.4.2:::::::*
cpe:2.3:a:apple:itunes:7.4.3:::::::*
cpe:2.3:a:apple:itunes:7.5:::::::*
cpe:2.3:a:apple:itunes:7.6:::::::*
cpe:2.3:a:apple:itunes:7.6.1:::::::*
cpe:2.3:a:apple:itunes:7.6.2:::::::*
cpe:2.3:a:apple:itunes:7.7:::::::*

Related information, measures and tools

No	URL	refsource
1	http://lists.apple.com/archives/security-announce//2008/Sep/msg00001.html	cve@mitre.org
2	http://securitytracker.com/id?1020840	cve@mitre.org
3	http://www.securityfocus.com/bid/31090	cve@mitre.org
4	http://lists.apple.com/archives/security-announce//2008/Sep/msg00001.html	af854a3a-2127-422b-91ae-364da2661108
5	http://securitytracker.com/id?1020840	af854a3a-2127-422b-91ae-364da2661108
6	http://www.securityfocus.com/bid/31090	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:apple:itunes::::::::
cpe:2.3:a:apple:itunes::::::::		7.7.1
cpe:2.3:a:apple:itunes:1.0:::::::*
cpe:2.3:a:apple:itunes:1.1:::::::*
cpe:2.3:a:apple:itunes:1.1.1:::::::*
cpe:2.3:a:apple:itunes:1.1.2:::::::*
cpe:2.3:a:apple:itunes:2.0:::::::*
cpe:2.3:a:apple:itunes:2.0.1:::::::*
cpe:2.3:a:apple:itunes:2.0.2:::::::*
cpe:2.3:a:apple:itunes:2.0.3:::::::*
cpe:2.3:a:apple:itunes:2.0.4:::::::*
cpe:2.3:a:apple:itunes:3.0:::::::*
cpe:2.3:a:apple:itunes:3.0.1:::::::*
cpe:2.3:a:apple:itunes:4.0:::::::*
cpe:2.3:a:apple:itunes:4.0.1:::::::*
cpe:2.3:a:apple:itunes:4.1:::::::*
cpe:2.3:a:apple:itunes:4.2:::::::*
cpe:2.3:a:apple:itunes:4.2.72:::::::*
cpe:2.3:a:apple:itunes:4.5:::::::*
cpe:2.3:a:apple:itunes:4.6:::::::*
cpe:2.3:a:apple:itunes:4.7:::::::*
cpe:2.3:a:apple:itunes:4.7.1:::::::*
cpe:2.3:a:apple:itunes:4.7.1.30:::::::*
cpe:2.3:a:apple:itunes:4.8:::::::*
cpe:2.3:a:apple:itunes:4.9:::::::*
cpe:2.3:a:apple:itunes:5.0:::::::*
cpe:2.3:a:apple:itunes:5.0.1:::::::*
cpe:2.3:a:apple:itunes:6.0:::::::*
cpe:2.3:a:apple:itunes:6.0.1:::::::*
cpe:2.3:a:apple:itunes:6.0.2:::::::*
cpe:2.3:a:apple:itunes:6.0.3:::::::*
cpe:2.3:a:apple:itunes:6.0.4:::::::*
cpe:2.3:a:apple:itunes:6.0.4.2:::::::*
cpe:2.3:a:apple:itunes:6.0.5:::::::*
cpe:2.3:a:apple:itunes:7.0.2:::::::*
cpe:2.3:a:apple:itunes:7.3.2:::::::*
cpe:2.3:a:apple:itunes:7.4:::::::*
cpe:2.3:a:apple:itunes:7.4.1:::::::*
cpe:2.3:a:apple:itunes:7.4.2:::::::*
cpe:2.3:a:apple:itunes:7.4.3:::::::*
cpe:2.3:a:apple:itunes:7.5:::::::*
cpe:2.3:a:apple:itunes:7.6:::::::*
cpe:2.3:a:apple:itunes:7.6.1:::::::*
cpe:2.3:a:apple:itunes:7.6.2:::::::*
cpe:2.3:a:apple:itunes:7.7:::::::*