Apple iTunes < 12.2 Multiple Vulnerabilities (uncredentialed check)
high Nessus Plugin ID 86600
Language:
Synopsis
The remote host contains an application that is affected by multiple vulnerabilities.Description
The version of Apple iTunes running on the remote host is prior to 12.2. It is, therefore, affected by multiple vulnerabilities due to memory corruption issues in the WebKit component. An attacker can exploit these to cause a denial of service or execute arbitrary code.Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Apple version iTunes 12.2 or later.See Also
Plugin Details
Severity: High
ID: 86600
File Name: itunes_12_2_0_banner.nasl
Version: 1.5
Type: remote
Family: Peer-To-Peer File Sharing
Published: 10/26/2015
Updated: 11/20/2019
Risk Information
CVSS Score Source: CVE-2014-4466
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Temporal Vector: E:U/RL:OF/RC:C
Vulnerability Information
CPE: cpe:/a:apple:itunes
Required KB Items: iTunes/sharing
Exploit Ease: No known exploits are available
Patch Publication Date: 6/30/2015
Vulnerability Publication Date: 9/19/2014
Reference Information
CVE: CVE-2014-3192, CVE-2014-4452, CVE-2014-4459, CVE-2014-4466, CVE-2014-4468, CVE-2014-4469, CVE-2014-4470, CVE-2014-4471, CVE-2014-4472, CVE-2014-4473, CVE-2014-4474, CVE-2014-4475, CVE-2014-4476, CVE-2014-4477, CVE-2014-4479, CVE-2015-1068, CVE-2015-1069, CVE-2015-1070, CVE-2015-1071, CVE-2015-1072, CVE-2015-1073, CVE-2015-1074, CVE-2015-1075, CVE-2015-1076, CVE-2015-1077, CVE-2015-1078, CVE-2015-1079, CVE-2015-1080, CVE-2015-1081, CVE-2015-1082, CVE-2015-1083, CVE-2015-1119, CVE-2015-1120, CVE-2015-1121, CVE-2015-1122, CVE-2015-1124, CVE-2015-1152, CVE-2015-1153, CVE-2015-1154
BID: 70273, 71137, 71144, 71438, 71442, 71444, 71445, 71449, 71451, 71459, 71461, 71462, 72329, 72330, 72331, 73972, 74523, 74525, 74526
APPLE-SA: APPLE-SA-2015-06-30-6