Apple TV < 7.0.4 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 8674
SynopsisThe remote host is missing a critical Apple TV patch update.
DescriptionAccording to its banner, the remote Apple TV device is missing a security update. It is, therefore, affected by the following vulnerabilities :
- There is a flaw in the way that the IOSurface component handles "type confusion" which would allow a remote attacker to execute arbitrary code as a privileged user. (CVE-2015-1061)
- The MobileStorageMounter component allows attackers to create arbitrary filesystem locations. (CVE-2015-1062)
- The Secure Transport component allows remote attackers to downgrade the encryption cipher. (CVE-2015-1067)
SolutionUpgrade to Apple TV 7.0.4 or later.