http://libpng.org/pub/png/libpng.html

APPLE-SA-2012-02-01-1

APPLE-SA-2012-05-09-1

APPLE-SA-2012-09-19-1

http://sourceforge.net/tracker/index.php?func=detail&aid=3406145&group_id=5624&atid=105624

http://support.apple.com/kb/HT5130

http://support.apple.com/kb/HT5281

http://support.apple.com/kb/HT5503

VU#477046

https://bugzilla.redhat.com/show_bug.cgi?id=740864

According to its banner, the remote Apple TV 2nd generation or later device has a version of iOS that is prior to 5.1. It is, therefore, reportedly affected by several vulnerabilities :

  - An uninitialized memory access issue in the handling of     Sorenson encoded movie files could lead to arbitrary     code execution. (CVE-2012-3722)

  - Following the DNAv4 protocol, the device may broadcast     MAC addresses of previously accessed networks when     connecting to a Wi-Fi network. (CVE-2012-3725)

  - A buffer overflow in libtiff's handling of ThunderScan     encoded TIFF images could lead to arbitrary code     execution. (CVE-2011-1167)

  - Multiple memory corruption issues in libpng's handling     of PNG images could lead to arbitrary code execution.
    (CVE-2011-3026 / CVE-2011-3048 / CVE-2011-3328)

  - A double free issue in ImageIO's handling of JPEG     images could lead to arbitrary code execution.
    (CVE-2012-3726)

  - An integer overflow issue in libTIFF's handling of TIFF     images could lead to arbitrary code execution.
    (CVE-2012-1173)

  - A stack-based buffer overflow in the handling of ICU     locale IDs could lead to arbitrary code execution.
    (CVE-2011-4599)

  - Multiple vulnerabilities in libxml could have a variety     of impacts, including arbitrary code execution.
    (CVE-2011-1944 / CVE-2011-2821 / CVE-2011-2834 /     CVE-2011-3919)

  - Multiple memory corruption issues in JavaScriptCore     could lead to arbitrary code execution.
    (CVE-2012-0682 / CVE-2012-0683 / CVE-2012-3589 /     CVE-2012-3590 / CVE-2012-3591 / CVE-2012-3592 /     CVE-2012-3678 / CVE-2012-3679)

The mobile device is running a version of iOS that is older than version 6.0.  Version 6.0 contains numerous security-related fixes for the following vulnerabilities :

  - Numerous memory errors exist related to handling     'TIFF', 'PNG' and 'JPEG' images and 'ImageIO' that could     allow arbitrary code execution. (CVE-2011-1167,     CVE-2011-3026, CVE-2011-3048, CVE-2011-3328,     CVE-2012-1173, CVE-2012-3726)

  - Several issues exist related to 'CoreGraphics' and     'FreeType' (CVE-2012-1126, CVE-2012-1127, CVE-2012-1128,     CVE-2012-1129, CVE-2012-1130, CVE-2012-1131,     CVE-2012-1132, CVE-2012-1133, CVE-2012-1134,     CVE-2012-1135, CVE-2012-1136, CVE-2012-1137,     CVE-2012-1138, CVE-2012-1139, CVE-2012-1140,     CVE-2012-1141, CVE-2012-1142, CVE-2012-1143,     CVE-2012-1144)

  - Numerous issues exist related to libxml and could lead     to application crashes or arbitrary code execution.
    (CVE-2011-1944, CVE-2011-2821, CVE-2011-2834,     CVE-2011-3919)

  - A stack-based buffer overflow exists related to 'locale     ID' and 'International Components for Unicode' (ICU).
    (CVE-2011-4599)

  - An unitialized memory access issue exists related to     'Sorenson' encoded movie files and 'CoreMedia'.
    (CVE-2012-3722)

  - An URL handling issue exists related to 'CFNetwork'     that can disclose sensitive information. (CVE-2012-3724)

  - The 'DNAv4' protocol discloses sensitive information     when connecting to unencrypted WiFi networks.
    (CVE-2012-3725)

  - A buffer overflow error exists related to 'IPSec' and     'racoon' configuration files. (CVE-2012-3727)

  - An invalid pointer dereference error exists related to     the kernel and packet filter ioctls. (CVE-2012-3728)

  - An uninitialized memory access error exists related to     the kernel and the Berkeley Packet Filter interpreter.
    (CVE-2012-3729)

  - Several issues exist related to 'Mail' and the handling     of attachments and 'S/MIME' signed messages.
    (CVE-2012-3730, CVE-2012-3731, CVE-2012-3732)

  - Information disclosure issues exist related to     'Messages', 'Office Viewer', system logs, and 'UIKit'.
    (CVE-2012-3733, CVE-2012-3734, CVE-2012-3743,     CVE-2012-3746)

  - Memory corruption errors exist related to 'OpenGL'.
    (CVE-2011-3457)

  - Numerous errors exist related to 'Passcode Lock'.
    (CVE-2012-3735, CVE-2012-3736, CVE-2012-3737,     CVE-2012-3738, CVE-2012-3739, CVE-2012-3740)

  - An error exists in 'Restrictions' that could allow     unauthorized purchases. (CVE-2012-3741)

  - Errors exist in 'Safari' that are related to misleading     URL characters and password auto complete.
    (CVE-2012-3742, CVE-2012-0680)

  - A buffer overflow error exists related to 'Telephony'     and SMS handling. (CVE-2012-3745)

  - Many errors exist related to the bundled 'WebKit'     components. (CVE-2011-2845, CVE-2011-3016,     CVE-2011-3021, CVE-2011-3027, CVE-2011-3032,     CVE-2011-3034, CVE-2011-3035, CVE-2011-3036,     CVE-2011-3037, CVE-2011-3038, CVE-2011-3039,     CVE-2011-3040, CVE-2011-3041, CVE-2011-3042,     CVE-2011-3043, CVE-2011-3044, CVE-2011-3050,     CVE-2011-3053, CVE-2011-3059, CVE-2011-3060,     CVE-2011-3064, CVE-2011-3067, CVE-2011-3068,     CVE-2011-3069, CVE-2011-3071, CVE-2011-3073,     CVE-2011-3074, CVE-2011-3075, CVE-2011-3076,     CVE-2011-3078, CVE-2011-3081, CVE-2011-3086,     CVE-2011-3089, CVE-2011-3090, CVE-2011-3105,     CVE-2011-3913, CVE-2011-3924, CVE-2011-3926,     CVE-2011-3958, CVE-2011-3966, CVE-2011-3968,     CVE-2011-3969, CVE-2011-3971, CVE-2012-0682,     CVE-2012-0683, CVE-2012-1520, CVE-2012-1521,     CVE-2012-2815, CVE-2012-2818, CVE-2012-3589,     CVE-2012-3590, CVE-2012-3591, CVE-2012-3592,     CVE-2012-3593, CVE-2012-3594, CVE-2012-3595,     CVE-2012-3596, CVE-2012-3597, CVE-2012-3598,     CVE-2012-3599, CVE-2012-3600, CVE-2012-3601,     CVE-2012-3602, CVE-2012-3603, CVE-2012-3604,     CVE-2012-3605, CVE-2012-3608, CVE-2012-3609,     CVE-2012-3610, CVE-2012-3611, CVE-2012-3612,     CVE-2012-3613, CVE-2012-3614, CVE-2012-3615,     CVE-2012-3617, CVE-2012-3618, CVE-2012-3620,     CVE-2012-3624, CVE-2012-3625, CVE-2012-3626,     CVE-2012-3627, CVE-2012-3628, CVE-2012-3629,     CVE-2012-3630, CVE-2012-3631, CVE-2012-3633,     CVE-2012-3634, CVE-2012-3635, CVE-2012-3636,     CVE-2012-3637, CVE-2012-3638, CVE-2012-3639,     CVE-2012-3640, CVE-2012-3641, CVE-2012-3642,     CVE-2012-3644, CVE-2012-3645, CVE-2012-3646,     CVE-2012-3647, CVE-2012-3648, CVE-2012-3650,     CVE-2012-3651, CVE-2012-3652, CVE-2012-3653,     CVE-2012-3655, CVE-2012-3656, CVE-2012-3658,     CVE-2012-3659, CVE-2012-3660, CVE-2012-3661,     CVE-2012-3663, CVE-2012-3664, CVE-2012-3665,     CVE-2012-3666, CVE-2012-3667, CVE-2012-3668,     CVE-2012-3669, CVE-2012-3670, CVE-2012-3671,     CVE-2012-3672, CVE-2012-3673, CVE-2012-3674,     CVE-2012-3676, CVE-2012-3677, CVE-2012-3678,     CVE-2012-3679, CVE-2012-3680, CVE-2012-3681,     CVE-2012-3682, CVE-2012-3683, CVE-2012-3684,     CVE-2012-3686, CVE-2012-3691, CVE-2012-3693,     CVE-2012-3695, CVE-2012-3696, CVE-2012-3703,     CVE-2012-3704, CVE-2012-3706, CVE-2012-3708,     CVE-2012-3710, CVE-2012-3747)

According to its banner, the remote Apple iOS device is missing a security update.  Versions of Apple iOS prior to 6.0 are exposed to the following vulnerabilities :

  - Numerous memory errors exist related to handling 'TIFF', 'PNG' and 'JPEG' images and 'ImageIO' that can allow arbitrary code execution. (CVE-2011-1167, CVE-2011-3026, CVE-2011-3048, CVE-2011-3328, CVE-2012-1173, CVE-2012-3726)

  - Several issues exist related to 'CoreGraphics' and 'FreeType' (CVE-2012-1126, CVE-2012-1127, CVE-2012-1128, CVE-2012-1129, CVE-2012-1130, CVE-2012-1131, CVE-2012-1132, CVE-2012-1133, CVE-2012-1134, CVE-2012-1135, CVE-2012-1136, CVE-2012-1137, CVE-2012-1138, CVE-2012-1139, CVE-2012-1140, CVE-2012-1141, CVE-2012-1142, CVE-2012-1143, CVE-2012-1144)

  - Numerous issues exist related to libxml and can lead to application crashes or arbitrary code execution. (CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3919)

  - A stack-based buffer overflow exists related to 'locale ID' and 'International Components for Unicode' (ICU). (CVE-2011-4599)

  - An unitialized memory access issue exists related to 'Sorenson' encoded movie files and 'CoreMedia'. (CVE-2012-3722)

  - An URL handling issue exists related to 'CFNetwork' that can disclose sensitive information. (CVE-2012-3724)

  - The 'DNAv4' protocol discloses sensitive information when connecting to unencrypted Wi-Fi networks. (CVE-2012-3725)

  - A buffer overflow error exists related to 'IPSec' and 'racoon' configuration files. (CVE-2012-3727)

  - An invalid pointer dereference error exists related to the kernel and packet filter ioctls. (CVE-2012-3728)

  - An uninitialized memory access error exists related to the kernel and the Berkeley Packet Filter interpreter. (CVE-2012-3729)

  - Several issues exist related to 'Mail' and the handling of attachments and 'S/MIME' signed messages. (CVE-2012-3730, CVE-2012-3731, CVE-2012-3732)

  - Information disclosure issues exist related to 'Messages', 'Office Viewer', system logs, and 'UIKit'. (CVE-2012-3733, CVE-2012-3734, CVE-2012-3743, CVE-2012-3746)

  - Memory corruption errors exist related to 'OpenGL'. (CVE-2011-3457)

  - Numerous errors exist related to 'Passcode Lock'. (CVE-2012-3735, CVE-2012-3736, CVE-2012-3737, CVE-2012-3738, CVE-2012-3739, CVE-2012-3740)

  - An error exists in 'Restrictions' that can allow unauthorized purchases. (CVE-2012-3741)

  - Errors exist in 'Safari' that are related to misleading URL characters and password auto complete. (CVE-2012-3742, CVE-2012-0680)

  - A buffer overflow error exists related to 'Telephony' and SMS handling. (CVE-2012-3745)

  - Many errors exist related to the bundled 'WebKit' components. (CVE-2011-2845, CVE-2011-3016, CVE-2011-3021, CVE-2011-3027, CVE-2011-3032, CVE-2011-3034, CVE-2011-3035, CVE-2011-3036, CVE-2011-3037, CVE-2011-3038, CVE-2011-3039, CVE-2011-3040, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3050, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3078, CVE-2011-3081, CVE-2011-3086, CVE-2011-3089, CVE-2011-3090, CVE-2011-3105, CVE-2011-3913, CVE-2011-3924, CVE-2011-3926, CVE-2011-3958, CVE-2011-3966, CVE-2011-3968, CVE-2011-3969, CVE-2011-3971, CVE-2012-0682, CVE-2012-0683, CVE-2012-1520, CVE-2012-1521, CVE-2012-2815, CVE-2012-2818, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3593, CVE-2012-3594, CVE-2012-3595, CVE-2012-3596, CVE-2012-3597, CVE-2012-3598, CVE-2012-3599, CVE-2012-3600, CVE-2012-3601, CVE-2012-3602, CVE-2012-3603, CVE-2012-3604, CVE-2012-3605, CVE-2012-3608, CVE-2012-3609, CVE-2012-3610, CVE-2012-3611, CVE-2012-3612, CVE-2012-3613, CVE-2012-3614, CVE-2012-3615, CVE-2012-3617, CVE-2012-3618, CVE-2012-3620, CVE-2012-3624, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3629, CVE-2012-3630, CVE-2012-3631, CVE-2012-3633, CVE-2012-3634, CVE-2012-3635, CVE-2012-3636, CVE-2012-3637, CVE-2012-3638, CVE-2012-3639, CVE-2012-3640, CVE-2012-3641, CVE-2012-3642, CVE-2012-3644, CVE-2012-3645, CVE-2012-3646, CVE-2012-3647, CVE-2012-3648, CVE-2012-3650, CVE-2012-3651, CVE-2012-3652, CVE-2012-3653, CVE-2012-3655, CVE-2012-3656, CVE-2012-3658, CVE-2012-3659, CVE-2012-3660, CVE-2012-3661, CVE-2012-3663, CVE-2012-3664, CVE-2012-3665, CVE-2012-3666, CVE-2012-3667, CVE-2012-3668, CVE-2012-3669, CVE-2012-3670, CVE-2012-3671, CVE-2012-3672, CVE-2012-3673, CVE-2012-3674, CVE-2012-3676, CVE-2012-3677, CVE-2012-3678, CVE-2012-3679, CVE-2012-3680, CVE-2012-3681, CVE-2012-3682, CVE-2012-3683, CVE-2012-3684, CVE-2012-3686, CVE-2012-3691, CVE-2012-3693, CVE-2012-3695, CVE-2012-3696, CVE-2012-3703, CVE-2012-3704, CVE-2012-3706, CVE-2012-3708, CVE-2012-3710, CVE-2012-3747)

The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2012-002 applied. This update contains multiple security-related fixes for the following components :

  - curl
  - Directory Service
  - ImageIO
  - libarchive
  - libsecurity
  - libxml
  - Quartz Composer
  - QuickTime
  - Ruby
  - Samba
  - Security Framework

The remote host is running a version of Mac OS X 10.7 that is older than version 10.7.3.  The newer version contains numerous security-related fixes for the following components :

  - Address Book
  - Apache
  - ATS
  - CFNetwork
 - CoreMedia
 - CoreText
 - CoreUI
 - curl
 - Data Security
 - dovecot
 - filecmds
 - ImageIO
 - Internet Sharing
 - Libinfo
 - libresolv
 - libsecurity
 - OpenGL
 - PHP
 - QuickTime
 - Subversion
 - Time Machine
 - WebDAV Sharing
 - Webmail
 - X11

The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.3. The newer version contains multiple security-related fixes for the following components :

  - Address Book
  - Apache
  - ATS
  - CFNetwork
  - CoreMedia
  - CoreText
  - CoreUI
  - curl
  - Data Security
  - dovecot
  - filecmds
  - ImageIO
  - Internet Sharing
  - Libinfo
  - libresolv
  - libsecurity
  - OpenGL
  - PHP
  - QuickTime
  - Subversion
  - Time Machine
  - WebDAV Sharing
  - Webmail
  - X11

ID	Name	Product	Family	Severity
62357	Apple TV < 5.1 Multiple Vulnerabilities	Nessus	Gain a shell remotely	high
62242	Apple iOS < 6.0 Multiple Vulnerabilities	Nessus	Mobile Devices	high
6589	Apple iOS < 6.0 Multiple Vulnerabilities	Nessus Network Monitor	Mobile Devices	high
59067	Mac OS X Multiple Vulnerabilities (Security Update 2012-002) (BEAST)	Nessus	MacOS X Local Security Checks	critical
6303	Mac OS X 10.7 < 10.7.3 Multiple Vulnerabilities	Nessus Network Monitor	Generic	critical
57797	Mac OS X 10.7.x < 10.7.3 Multiple Vulnerabilities (BEAST)	Nessus	MacOS X Local Security Checks	critical

CVE-2011-3328

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Tenable Plugins