KLA10076
Multiple vulnerabilities in Apple iTunes
Обновлено: 17/06/2019
Дата обнаружения
22/05/2013
Уровень угрозы
Critical
Описание

Multiple critical vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or spoof HTTPS servers. Below is a complete list of vulnerabilities

  1. Vectors related to browsing the iTunes Store can be exploited remotely by man-in-the-middle attacks;
  2. Improper certificate verification can be exploited remotely by man-in-the-middle attacks.
Пораженные продукты

Apple iTunes versions 11.0.2 and earlier

Решение

Update to latest version
iTunew

Первичный источник обнаружения
Apple bulletin
Оказываемое влияние
?
ACE 
[?]

DoS 
[?]

SUI 
[?]
Связанные продукты
Apple iTunes
CVE-IDS
CVE-2013-09926.8High
CVE-2013-09999.3Critical
CVE-2013-09936.8High
CVE-2013-10144.3Warning
CVE-2013-10069.3Critical
CVE-2013-09916.8High
CVE-2013-10019.3Critical
CVE-2013-09976.8High
CVE-2013-10039.3Critical
CVE-2013-10089.3Critical
CVE-2013-09966.8High
CVE-2013-09986.8High
CVE-2013-09956.8High
CVE-2013-10029.3Critical
CVE-2013-09946.8High
CVE-2013-10059.3Critical
CVE-2013-10049.3Critical
CVE-2013-10109.3Critical
CVE-2013-10116.8High
CVE-2013-10079.3Critical
CVE-2013-10009.3Critical