Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA10076
Multiple vulnerabilities in Apple iTunes
Updated: 06/17/2019
Detect date
?
 05/22/2013
Severity
?
 Critical
Description

Multiple critical vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or spoof HTTPS servers. Below is a complete list of vulnerabilities

  1. Vectors related to browsing the iTunes Store can be exploited remotely by man-in-the-middle attacks;
  2. Improper certificate verification can be exploited remotely by man-in-the-middle attacks.
Affected products

Apple iTunes versions 11.0.2 and earlier
Solution

Update to latest version
iTunew
Original advisories

Apple bulletin
Impacts
?
ACE 
[?]

DoS 
[?]

SUI 
[?]
CVE-IDS
?
CVE-2013-09926.8High
CVE-2013-09999.3Critical
CVE-2013-09936.8High
CVE-2013-10144.3Warning
CVE-2013-10069.3Critical
CVE-2013-09916.8High
CVE-2013-10019.3Critical
CVE-2013-09976.8High
CVE-2013-10039.3Critical
CVE-2013-10089.3Critical
CVE-2013-09966.8High
CVE-2013-09986.8High
CVE-2013-09956.8High
CVE-2013-10029.3Critical
CVE-2013-09946.8High
CVE-2013-10059.3Critical
CVE-2013-10049.3Critical
CVE-2013-10109.3Critical
CVE-2013-10116.8High
CVE-2013-10079.3Critical
CVE-2013-10009.3Critical
© 2019 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up