Detect date
?
|
09/25/2016 |
Severity
?
|
High |
Description
|
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities
Technical details Vulnerability (2) related to improper verification of X.509 certificate. Vulnerability (3) can be exploited by conducting DNS rebinding attack via leveraging HTTP/0.9 support. Vulnerability (4) related to lack of restriction on location variable. |
Affected products
|
Apple iTunes versions earlier than 12.5.1 on Windows |
Solution
|
Update to the latest version |
Original advisories
|
|
Impacts
?
|
ACE [?] OSI [?] DoS [?] SB [?] |
Related products
|
Apple iTunes |
CVE-IDS
?
|
CVE-2016-47696.8High
CVE-2016-47686.8High CVE-2016-47676.8High CVE-2016-47666.8High CVE-2016-47656.8High CVE-2016-47634.9Warning CVE-2016-47626.8High CVE-2016-47604.3Warning CVE-2016-47596.8High CVE-2016-47584.3Warning |
Find out the statistics of the vulnerabilities spreading in your region |