iTunes < 11.0.3 Multiple Vulnerabilities (uncredentialed check)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote host contains an application that has multiple
vulnerabilities.

Description :

The remote version of iTunes is older than 11.0.3. As such, it is
potentially affected by several issues :

- An error exists related to certificate validation
that could allow disclosure of sensitive information
and could allow the application to trust data from
untrusted sources. Note this issue affects the
application regardless of operating system.
(CVE-2013-1014)

- The included version of WebKit contains several errors
that could lead to memory corruption and possibly
arbitrary code execution. The vendor notes one possible
attack vector is a man-in-the-middle attack while the
application browses the 'iTunes Store'. Please note
these issues only affect the application when running
on Windows.
(CVE-2012-2824, CVE-2012-2857, CVE-2012-3748,
CVE-2012-5112, CVE-2013-0879, CVE-2013-0912,
CVE-2013-0948, CVE-2013-0949, CVE-2013-0950,
CVE-2013-0951, CVE-2013-0952, CVE-2013-0953,
CVE-2013-0954, CVE-2013-0955, CVE-2013-0956,
CVE-2013-0958, CVE-2013-0959, CVE-2013-0960,
CVE-2013-0961, CVE-2013-0991, CVE-2013-0992,
CVE-2013-0993, CVE-2013-0994, CVE-2013-0995,
CVE-2013-0996, CVE-2013-0997, CVE-2013-0998,
CVE-2013-0999, CVE-2013-1000, CVE-2013-1001,
CVE-2013-1002, CVE-2013-1003, CVE-2013-1004,
CVE-2013-1005, CVE-2013-1006, CVE-2013-1007,
CVE-2013-1008, CVE-2013-1010, CVE-2013-1011)

See also :

http://www.zerodayinitiative.com/advisories/ZDI-13-107/
http://www.zerodayinitiative.com/advisories/ZDI-13-108/
http://www.zerodayinitiative.com/advisories/ZDI-13-109/
http://support.apple.com/kb/HT5766
http://lists.apple.com/archives/security-announce/2013/May/msg00000.html
http://www.securityfocus.com/archive/1/526623/30/0/threaded

Solution :

Upgrade to iTunes 11.0.3 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true