KLA11526
Multiple vulnerabilities in Apple iTunes

Multiple vulnerabilities were found in iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. A stack overflow vulnerability in libxslt can be exploited remotely to obtain sensitive information;
2. Multiple memory corruption vulnerabilities in WebKit can be exploited remotely via specially crafted web content to execute arbitrary code;
3. Multiple logic issues in WebKit can be exploited remotely via specially crafted web content to perform cross-site scripting attacks;

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Apple iTunes earlier than 12.9.6

Update to the latest version
Download iTunes