Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.803807
Category:General
Title:Apple iTunes Multiple Vulnerabilities - June13 (Mac OS X)
Summary:This host is installed with Apple iTunes and is prone to; multiple vulnerabilities.
Description:Summary:
This host is installed with Apple iTunes and is prone to
multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws due to

- Improper validation of SSL certificates.

- Integer overflow error within the 'string.replace()' method.

- Some vulnerabilities are due to a bundled vulnerable version of WebKit.

- Array indexing error when handling JSArray objects.

- Boundary error within the 'string.concat()' method.

Vulnerability Impact:
Successful exploitation will allow attackers to execute arbitrary code,
conduct Man-in-the-Middle (MitM) attack or cause heap-based buffer overflow.

Affected Software/OS:
Apple iTunes before 11.0.3 on Mac OS X.

Solution:
Upgrade to version 11.0.3 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-1014
http://lists.apple.com/archives/security-announce/2013/May/msg00000.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17605
Common Vulnerability Exposure (CVE) ID: CVE-2013-1011
http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17407
Common Vulnerability Exposure (CVE) ID: CVE-2013-1010
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17123
http://secunia.com/advisories/54886
Common Vulnerability Exposure (CVE) ID: CVE-2013-1008
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17359
Common Vulnerability Exposure (CVE) ID: CVE-2013-1007
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17441
Common Vulnerability Exposure (CVE) ID: CVE-2013-1006
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17143
Common Vulnerability Exposure (CVE) ID: CVE-2013-1005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17601
Common Vulnerability Exposure (CVE) ID: CVE-2013-1004
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17604
Common Vulnerability Exposure (CVE) ID: CVE-2013-1003
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17252
Common Vulnerability Exposure (CVE) ID: CVE-2013-1002
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17187
Common Vulnerability Exposure (CVE) ID: CVE-2013-1001
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17572
Common Vulnerability Exposure (CVE) ID: CVE-2013-1000
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17396
Common Vulnerability Exposure (CVE) ID: CVE-2013-0999
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16762
Common Vulnerability Exposure (CVE) ID: CVE-2013-0998
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17300
Common Vulnerability Exposure (CVE) ID: CVE-2013-0997
http://lists.apple.com/archives/security-announce/2013/Sep/msg00003.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17466
Common Vulnerability Exposure (CVE) ID: CVE-2013-0996
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17298
Common Vulnerability Exposure (CVE) ID: CVE-2013-0995
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17561
Common Vulnerability Exposure (CVE) ID: CVE-2013-0994
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17400
Common Vulnerability Exposure (CVE) ID: CVE-2013-0993
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17009
Common Vulnerability Exposure (CVE) ID: CVE-2013-0992
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17621
Common Vulnerability Exposure (CVE) ID: CVE-2013-0991
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16907
CopyrightCopyright (C) 2013 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.