Apple iTunes < 11.2 Multiple Vulnerabilities (credentialed check)
Medium Nessus Plugin ID 74040
SynopsisThe remote host contains an application that is affected by multiple vulnerabilities.
DescriptionThe version of Apple iTunes installed on the remote host is prior to version 11.2. It is, therefore, affected by multiple vulnerabilities :
- A flaw exists in the CFNetwork HTTPProtocol due to a failure to properly ensure that a Set-Cookie HTTP header is complete before interpreting the header's value. A man-in-the-middle attacker can exploit this to bypass security settings by closing the connection before the security settings are sent, resulting in the disclosure of sensitive information. (CVE-2014-1296)
- A memory corruption issue exists due to improper validation of user-supplied input when handling MP4 files. An attacker can exploit this, by convincing a user to open a specially crafted MP4 file, to corrupt memory, resulting in the execution of arbitrary code.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Apple iTunes 11.2 or later.