Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Apple TV < 7.0.2 Multiple Vulnerabilities

High

Synopsis

The remote host is missing a critical Apple TV patch update.

Description

According to its banner, the remote Apple TV device is missing a security update. It is, therefore, affected by the following vulnerabilities :

- Memory corruption flaw within WebKit which can allow a remote attacker to execute arbitrary code or crash the application. (CVE-2014-4462, CVE-2014-4452) - Memory corruption flaw within IOSharedDataQueue which can allow a remote attacker to execute arbitrary code in a privileged context via a crafted application. (CVE-2014-4461) - Memory corruption flaw within the Mach-O executable files which allows local users to bypass code-signing restrictions. (CVE-2014-4455)

Solution

Upgrade to Apple TV 7.0.2 or later.