Multiple vulnerabilities in Apple iTunes

Описание

Multiple critical vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or spoof HTTPS servers. Below is a complete list of vulnerabilities

1. Vectors related to browsing the iTunes Store can be exploited remotely by man-in-the-middle attacks;
2. Improper certificate verification can be exploited remotely by man-in-the-middle attacks.

Первичный источник обнаружения

• Apple bulletin
  

Связанные продукты

• Apple-iTunes

Список CVE

• CVE-2013-0992
  high
• CVE-2013-0999
  critical
• CVE-2013-0993
  high
• CVE-2013-1014
  warning
• CVE-2013-1006
  critical
• CVE-2013-0991
  high
• CVE-2013-1001
  critical
• CVE-2013-0997
  high
• CVE-2013-1003
  critical
• CVE-2013-1008
  critical
• CVE-2013-0996
  high
• CVE-2013-0998
  high
• CVE-2013-0995
  high
• CVE-2013-1002
  critical
• CVE-2013-0994
  high
• CVE-2013-1005
  critical
• CVE-2013-1004
  critical
• CVE-2013-1010
  critical
• CVE-2013-1011
  high
• CVE-2013-1007
  critical
• CVE-2013-1000
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com