Apple TV < 7.2 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 8802
SynopsisThe remote host is missing a critical Apple TV patch update.
DescriptionAccording to its banner, the remote Apple TV device is missing a security update. It is, therefore, affected by the following vulnerabilities :
- The IOHIDFamily allows attackers within physical proximity to execute a Denial of Service attack within a kernel context. (CVE-2015-1095)
- The 'Podcasts' component allows remote attackers to discover unique identifiers by reading an asset-download request data. (CVE-2015-1110)
- The Audio Drivers subsystem does not properly validate IOKit object metadata which allows an attacker to execute arbitrary code. (CVE-2015-1086)
SolutionUpgrade to Apple TV 7.2 or later.