APPLE-SA-2014-09-17-1

APPLE-SA-2014-09-17-2

61306

61318

http://support.apple.com/kb/HT6440

http://support.apple.com/kb/HT6441

http://support.apple.com/kb/HT6442

69881

69970

1030866

apple-cve20144411-code-exec(96031)

https://support.apple.com/kb/HT6537

The version of Apple iTunes on the remote host is prior to version 12.0.1. It is, therefore, affected by multiple vulnerabilities related to the included version of WebKit. The errors could lead to application crashes or arbitrary code execution.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Apple iTunes installed on the remote Windows host is prior to 12.0.1. It is, therefore, affected by multiple vulnerabilities due to the included version of WebKit. The errors could lead to application crashes or arbitrary code execution.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Versions of iTunes earlier than 12.0.1 are missing updates that patch memory corruption vulnerabilities within WebKit, as well as a patch that fixes a man-in-the-middle vulnerability that affects encrypted connections to the iTunes Store via iTunes. The most severe of these vulnerabilites can result in arbitrary remote code execution or unexpected application termination.

According to its banner, the remote Apple TV device is a version prior to 7. It is, therefore, affected by multiple vulnerabilities, the most serious of which can result in arbitrary code execution.

The remote host has Safari installed that is older than 6.2 or 7.1, and is thus unpatched for the following WebKit vulnerabilities :

 - Saved passwords and incorrect automatic filling of HTML forms contain an error that could be leveraged to obtain sensitive information. (CVE-2014-4363)
 - Multiple memory corruption errors exist in WebKit that could potentially be leveraged for arbitrary code execution. (CVE-2013-6663, CVE-2014-4410, CVE-2014-4411, CVE-2014-4412, CVE-2014-4413, CVE-2014-4414, CVE-2014-4415)
 - HTML5 application cache data handling with WebKit that allows the disclosure of sensitive information from private browsing sessions. (CVE-2014-4409)

The following components contain vulnerabilities that have since been patched in version 7.0:

  - 802.1X
  - Accounts
  - Accessibility
  - Accounts Framework
  - Address Book
  - App Installation
  - Assets
  - Bluetooth
  - CoreGraphics
  - Foundation
  - Home & Lock Screen
  - iMessage
  - IOAcceleratorFamily
  - IOAcceleratorFamily
  - IOHIDFamily
  - IOHIDFamily
  - IOKit
  - Kernel
  - Libnotify
  - Mail
  - Profiles
  - Safari
  - Sandbox Profiles
  - syslog
  - WebKit

The version of Apple Safari installed on the remote Mac OS X host is a version prior to 6.2 or 7.1. It is, therefore, affected by the following vulnerabilities :

  - An error exists related to saved passwords and the     incorrect automatic filling of HTML forms. A remote     attacker can exploit this to obtain sensitive     information. (CVE-2014-4363)

  - Multiple memory corruption errors exist related to     the included version of WebKit that can allow     application crashes or arbitrary code execution.
    (CVE-2013-6663, CVE-2014-4410, CVE-2014-4411,     CVE-2014-4412, CVE-2014-4413, CVE-2014-4414,     CVE-2014-4415)

  - An error exists related to HTML5 application cache     data handling and the included version of WebKit that     allows the disclosure of sensitive information from     private browsing sessions. (CVE-2014-4409)

The mobile device is running a version of iOS prior to version 8. It is, therefore, affected by vulnerabilities in the following components :

  - 802.1X
  - Accessibility
  - Accounts
  - Accounts Framework
  - Address Book
  - App Installation
  - Assets
  - Bluetooth
  - Certificate Trust Policy
  - CoreGraphics
  - Data Detectors
  - Foundation
  - Home and Lock Screen
  - iMessage
  - IOAcceleratorFamily
  - IOHIDFamily
  - IOKit
  - Kernel
  - Libnotify
  - Lockdown
  - Lockdown
  - Mail
  - Profiles
  - Safari
  - Sandbox Profiles
  - Settings
  - syslog
  - Weather
  - WebKit
  - Wifi

According to its banner, the remote iOS device is missing a security update.  Versions of Apple iOS prior to 8.0 are affected by vulnerabilities within the following components :

  - 802.1X
  - Accessibility
  - Accounts Framework
  - Accounts
  - Address Book
  - App Installation
  - Assets
  - Bluetooth
  - Certificate Trust Policy
  - CoreGraphics
  - Data Detectors
  - Foundation
  - Home & Lock Screen
  - IOAcceleratorFamily
  - IOHIDFamily
  - IOKit
  - Kernel
  - Libnotify
  - Lockdown
  - Mail
  - Profiles
  - Safari
  - Sandbox Profiles
  - Settings
  - Weather
  - WebKit
  - WiFi
  - iMessage
  - syslog

ID	Name	Product	Family	Severity
78598	Apple iTunes < 12.0.1 Multiple Vulnerabilities (uncredentialed check)	Nessus	Peer-To-Peer File Sharing	critical
78597	Apple iTunes < 12.0.1 Multiple Vulnerabilities (credentialed check)	Nessus	Windows	critical
8561	iTunes < 12.0.1 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	critical
77822	Apple TV < 7 Multiple Vulnerabilities	Nessus	Misc.	high
8395	Safari < 6.2 / 7.1 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
8392	Apple TV < 7 Multiple Vulnerabilities	Nessus Network Monitor	Internet Services	critical
77747	Mac OS X : Apple Safari < 6.2 / 7.1 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	high
77745	Apple iOS < 8 Multiple Vulnerabilities	Nessus	Mobile Devices	high
8393	Apple iOS < 8.0 Multiple Vulnerabilities	Nessus Network Monitor	Mobile Devices	high

CVE-2014-4411

medium

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Tenable Plugins

critical

critical

critical

high

high

critical

high

high

high