KLA11279
Multiple vulnerabilities in Apple iTunes
Обновлено: 26/06/2019
Дата обнаружения
06/12/2017
Уровень угрозы
Critical
Описание

Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. An unspecified vulnerability in APNs Server can be exploited remotely to obtain sensitive information;
  2. A memory corruption vulnerability can be exploited to execute arbitrary code;
  3. An integer overflow vulnerability in ICU can be exploited remotely to obtain sensitive information;
  4. Multiple memory corruption vulnerabilities in WebKit can be exploited remotely to execute arbitrary code.
Пораженные продукты

Apple iTunes earlier than 12.7.2

Решение

Update to latest version
Download iTunes

Первичный источник обнаружения
About the security content of iTunes 12.7.2 for Windows
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]

SUI 
[?]
Связанные продукты
Apple iTunes
CVE-IDS