Apple iTunes < 12.5.4 Multiple Vulnerabilities (credentialed check)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote host contains an application that is affected by multiple
vulnerabilities.

Description :

The version of Apple iTunes installed on the remote Windows host is
prior to 12.5.4. It is, therefore, affected by multiple
vulnerabilities :

- Multiple remote code execution vulnerabilities exist in
WebKit due to improper validation of user-supplied
input and improper handling of objects in memory. An
unauthenticated, remote attacker can exploit these
vulnerabilities, by convincing a user to visit a
specially crafted website, to corrupt memory and execute
arbitrary code. (CVE-2016-4692, CVE-2016-7635,
CVE-2016-7652)

- Multiple information disclosure vulnerabilities exist
in WebKit due to improper validation of user-supplied
input. An unauthenticated, remote attacker can exploit
these, by convincing a user to visit a specially crafted
website, to disclose memory contents. (CVE-2016-4743,
CVE-2016-7656)

- An information disclosure vulnerability exists in WebKit
due to improper validation of user-supplied input. An
unauthenticated, remote attacker can exploit this, by
convincing a user to visit a specially crafted website,
to disclose user information. (CVE-2016-7586)

- Multiple remote code execution vulnerabilities exist in
WebKit due to improper validation of user-supplied
input and improper state management. An unauthenticated,
remote attacker can exploit these vulnerabilities, by
convincing a user to visit a specially crafted website,
to corrupt memory and execute arbitrary code.
(CVE-2016-7587, CVE-2016-7589:, CVE-2016-7610,
CVE-2016-7611, CVE-2016-7639, CVE-2016-7640,
CVE-2016-7641, CVE-2016-7642, CVE-2016-7645,
CVE-2016-7646, CVE-2016-7648, CVE-2016-7649,
CVE-2016-7654)

- An information disclosure vulnerability exists in WebKit
due to improper handling of JavaScript prompts. An
unauthenticated, remote attacker can exploit this, by
convincing a user to visit a specially crafted website,
to corrupt memory and execute arbitrary code.
(CVE-2016-7592)

- An information disclosure vulnerability exists in WebKit
due to the use of uninitialized memory. An
unauthenticated, remote attacker can exploit this, by
convincing a user to visit a specially crafted website,
to disclose memory contents. (CVE-2016-7598)

- An information disclosure vulnerability exists that is
triggered when handling HTTP redirections. An
unauthenticated, remote attacker can exploit this, by
convincing a user to visit a specially crafted website,
to disclose user information. (CVE-2016-7599)

- A remote code execution vulnerability exists in WebKit
due to improper validation of user-supplied
input and improper state management. An unauthenticated,
remote attacker can exploit this, by convincing a user
to visit a specially crafted website, to cause a denial
of service condition or the execution of arbitrary code.
(CVE-2016-7632)

Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.

See also :

https://support.apple.com/en-us/HT207427
http://www.nessus.org/u?bbeabf43

Solution :

Upgrade to Apple iTunes version 12.5.4 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false