KLA11384
Multiple vulnerabilities in Apple iTunes
Updated: 01/04/2019
CVSS
?
7.5
Detect date
?
12/12/2018
Severity
?
Critical
Description

Multiple vulnerabilities were found in Apple iTunes. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Multiple vulnerabilities can be exploited remotely to spoof user interface;
  2. Multiple memory corruption vulnerabilities can be exploited remotely to execute arbitrary code;
Affected products

Apple iTunes earlier than 12.9.2

Solution

Update to the latest version
Download iTunes

Original advisories

About the security content of iTunes 12.9.2 for Windows

Impacts
?
ACE 
[?]

SUI 
[?]
Related products
Apple iTunes
CVE-IDS
?

CVE-2018-4440
CVE-2018-4439
CVE-2018-4437
CVE-2018-4464
CVE-2018-4441
CVE-2018-4442
CVE-2018-4443
CVE-2018-4438