Apple TV < 5.2 Multiple Vulnerabilities

Medium Nessus Plugin ID 64456


The remote device is affected by multiple vulnerabilities.


According to its banner, the remote Apple TV 2nd generation or later device is prior to 5.2. It is, therefore, reportedly affected by several vulnerabilities :

- Failure to properly validate that the user-mode pointer and length passed to the copyin and copyout functions could allow a user-mode process to directly access kernel memory if the length is smaller than one page.

- An out-of-bounds read error in the Broadcom BCM4325 / BCM4329 firmware could allow a remote attacker on the same Wi-Fi network to cause an unexpected system termination by sending a specially crafted RSN (802.11i) information element. (CVE-2012-2619)


Upgrade to Apple TV 5.2 or later.

See Also

Plugin Details

Severity: Medium

ID: 64456

File Name: appletv_5_2.nasl

Version: $Revision: 1.7 $

Type: remote

Family: Misc.

Published: 2013/02/04

Modified: 2016/01/28

Dependencies: 42825

Risk Information

Risk Factor: Medium


Base Score: 6.1

Temporal Score: 5

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:apple:apple_tv

Required KB Items: www/appletv

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2013/01/28

Vulnerability Publication Date: 2012/10/23

Reference Information

CVE: CVE-2012-2619, CVE-2013-0964

BID: 56184, 57595

OSVDB: 86688, 89659

APPLE-SA: APPLE-SA-2013-01-28-2

CERT: 160027

EDB-ID: 22739