KLA11384
Multiple vulnerabilities in Apple iTunes
Updated: 06/01/2019
Detect date
?
12/12/2018
Severity
?
Critical
Description

Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Multiple vulnerabilities can be exploited remotely to spoof user interface;
  2. Multiple memory corruption vulnerabilities can be exploited remotely to execute arbitrary code;
Affected products

Apple iTunes earlier than 12.9.2

Solution

Update to the latest version
Download iTunes

Original advisories

About the security content of iTunes 12.9.2 for Windows

Impacts
?
ACE 
[?]

SUI 
[?]
Related products
Apple iTunes
CVE-IDS
?
CVE-2018-44406.5High
CVE-2018-44396.5High
CVE-2018-44377.5Critical
CVE-2018-44647.5Critical
CVE-2018-44417.5Critical
CVE-2018-44427.5Critical
CVE-2018-44437.5Critical
CVE-2018-44387.5Critical