Apple iTunes < 10.6.3 Multiple Vulnerabilities (credentialed check)
High Nessus Plugin ID 59497
SynopsisThe remote host contains a multimedia application that has multiple vulnerabilities.
DescriptionThe version of Apple iTunes installed on the remote Windows host is older than 10.6.3 and is, therefore, affected by the following issues :
- A memory corruption issue exists in WebKit that can allow malicious websites to crash the application and possibly to execute arbitrary code. (CVE-2012-0672)
- Stack and heap based buffer overflow errors related to the handling of 'm3u' playlist files. These errors can cause the application to crash or possibly allow arbitrary code execution. (CVE-2012-0677)
SolutionUpgrade to Apple iTunes 10.6.3 or later.