Vulnerability Description
Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow remote attackers to leverage an exposure that would be absent if the administrator were given better information.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Mac Os X | 10.4.11 |
| Apple | Mac Os X Server | 10.4.11 |
| Apple | Itunes | All versions |
Related Weaknesses (CWE)
References
- http://lists.apple.com/archives/security-announce//2008/Sep/msg00001.htmlPatchVendor Advisory
- http://securitytracker.com/id?1020840
- http://www.securityfocus.com/bid/31090Patch
- http://lists.apple.com/archives/security-announce//2008/Sep/msg00001.htmlPatchVendor Advisory
- http://securitytracker.com/id?1020840
- http://www.securityfocus.com/bid/31090Patch
FAQ
What is CVE-2008-3634?
CVE-2008-3634 is a vulnerability with a CVSS score of 2.6 (LOW). Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by the host-based firewall, presents misleading information about firewall security, which might allow rem...
How severe is CVE-2008-3634?
CVE-2008-3634 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3634?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Mac Os X, Apple Mac Os X Server, Apple Itunes.