Apple TV < 6.1.2 Multiple Vulnerabilities
Critical Nessus Network Monitor Plugin ID 8323
SynopsisThe version of this Apple TV device is not current and is thus exposed to multiple vulnerabilities.
DescriptionThe following vulnerabilities have since been patched in version 6.1.2 :
- iTunes store transaction may be completed without providing a valid password when prompted (CVE-2014-1383)
- WebKit memory corruption vulnerabilities (CVE-2013-2875, CVE-2013-2927, CVE-2014-1323, CVE-2014-1325, CVE-2014-1326, CVE-2014-1327, CVE-2014-1329, CVE-2014-1330, CVE-2014-1331, CVE-2014-1333, CVE-2014-1334, CVE-2014-1335, CVE-2014-1336, CVE-2014-1337, CVE-2014-1338, CVE-2014-1339, CVE-2014-1341, CVE-2014-1342, CVE-2014-1343, CVE-2014-1362, CVE-2014-1363, CVE-2014-1364, CVE-2014-1365, CVE-2014-1366, CVE-2014-1367, CVE-2014-1368, CVE-2014-1382, CVE-2014-1731)
- Various memory issues, inadequate bounds-checking, and null pointer derferencing issues that could potentially result in arbitrary code execution, with system privileges (CVE-2014-1355, CVE-2014-1356, CVE-2014-1357, CVE-2014-1358, CVE-2014-1359, CVE-2014-1361)
SolutionUpgrade Apple TV to 6.1.2, or later.