AppleTV < 6.1.1 Multiple Vulnerabilities

Medium

Synopsis

The version of this AppleTV device is not current and is thus open to multiple vulnerabilities.

Description

The following have since been patched in version 6.1.1:

- Set-Cookie HTTP headers are processed even if the connection closed before the header was complete. An attacker could leverage this to strip security settings and obtain the HTTP cookie. (CVE-2014-1296)

- Information disclosure due to the IOKit object storing kernel pointers, which could be used by a local attacker to defeat kernel address space layout randomization. (CVE-2014-1320)

- A 'triple handshake' vulnerability could be leveraged by an attacker on the local network to perform a man-in-the-middle attack. (CVE-2014-1295)

- Multiple memory corruption issues in the underlying WebKit library. (CVE-2013-2871, CVE-2014-1298, CVE-2014-1299, CVE-2014-1300, CVE-2014-1302, CVE-2014-1303, CVE-2014-1304, CVE-2014-1305, CVE-2014-1307, CVE-2014-1308, CVE-2014-1309, CVE-2014-1310, CVE-2014-1311, CVE-2014-1312, CVE-2014-1313, CVE-2014-1713)

Solution

Upgrade AppleTV to 6.1.1, or later.