Description
Multiple serious vulnerabilities have been found in iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or obtain sensitive information.
Below is a complete list of vulnerabilities
- Multiple memory corruptions at CoreText, WebKit and ICU can be exploited remotely via an unknown vectors to cause denial of service or execute arbitrary code;
- Improper library loading at Microsoft Visual C++ Redistributable Package can be exploited remotely via a specially designed media file to cause denial of service;
- Improper network connection handling can be exploited remotely via an unknown vectors to obtain sensitive information.
Technical details
(3) can be exploited to obtain encrypted SMB credentials.
Original advisories
Exploitation
Public exploits exist for this vulnerability.
Related products
CVE list
- CVE-2015-1152 high
- CVE-2015-1153 high
- CVE-2015-3741 high
- CVE-2015-3746 high
- CVE-2015-3743 high
- CVE-2015-5755 high
- CVE-2015-3688 high
- CVE-2015-1205 critical
- CVE-2015-3747 high
- CVE-2015-3744 high
- CVE-2015-5806 high
- CVE-2015-3734 high
- CVE-2015-3748 high
- CVE-2015-3742 high
- CVE-2015-3738 high
- CVE-2015-3740 high
- CVE-2015-3733 high
- CVE-2015-5822 high
- CVE-2015-5803 high
- CVE-2015-5823 high
- CVE-2015-5804 high
- CVE-2015-5797 high
- CVE-2015-5796 high
- CVE-2015-1157 critical
- CVE-2015-3745 high
- CVE-2015-5790 high
- CVE-2015-5810 high
- CVE-2015-5811 high
- CVE-2015-5795 high
- CVE-2015-5794 high
- CVE-2015-5793 high
- CVE-2015-5792 high
- CVE-2015-5920 warning
- CVE-2015-5805 high
- CVE-2015-3730 high
- CVE-2015-5761 high
- CVE-2015-5813 high
- CVE-2015-5812 high
- CVE-2015-5791 high
- CVE-2015-5789 high
- CVE-2015-5814 high
- CVE-2015-5819 high
- CVE-2015-5799 high
- CVE-2015-3686 high
- CVE-2015-3687 high
- CVE-2015-5815 high
- CVE-2015-5807 high
- CVE-2015-5817 high
- CVE-2015-5816 high
- CVE-2015-3735 high
- CVE-2015-3736 high
- CVE-2015-5801 high
- CVE-2015-5802 high
- CVE-2015-5798 high
- CVE-2015-5808 high
- CVE-2015-5818 high
- CVE-2015-3749 high
- CVE-2015-3737 high
- CVE-2015-3731 high
- CVE-2015-3739 high
- CVE-2014-8146 critical
- CVE-2010-3190 critical
- CVE-2015-5800 high
- CVE-2015-5821 high
- CVE-2015-5874 critical
- CVE-2015-5809 high
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!