7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.043 Low
EPSS
Percentile
92.2%
06/30/2015
Critical
Multiple memory corruption vulnerabilities were found in Apple iTunes. By exploiting these vulnerabilities malicious users can cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via a man-in-the-middle attack at vectors related to iTunes Store browsing.
Apple iTunes versions earlier than 12.2
Update to the latest version
Get Apple iTunes
ACE
CVE-2015-10836.8High
CVE-2015-10826.8High
CVE-2015-10706.8High
CVE-2015-10796.8High
CVE-2015-10786.8High
CVE-2015-10816.8High
CVE-2015-10806.8High
CVE-2015-10776.8High
CVE-2015-10766.8High
CVE-2015-10756.8High
CVE-2015-10746.8High
CVE-2015-10716.8High
CVE-2015-10726.8High
CVE-2015-10696.8High
CVE-2015-10686.8High
CVE-2015-10736.8High
CVE-2014-44766.8High
CVE-2014-44776.8High
CVE-2014-44746.8High
CVE-2014-44756.8High
CVE-2014-44726.8High
CVE-2014-44736.8High
CVE-2014-44706.8High
CVE-2014-44716.8High
CVE-2014-44796.8High
CVE-2014-44596.8High
CVE-2015-11196.8High
CVE-2014-44667.5Critical
CVE-2015-11226.8High
CVE-2015-11216.8High
CVE-2015-11206.8High
CVE-2015-11246.8High
CVE-2014-31927.5Critical
CVE-2014-44686.8High
CVE-2014-44696.8High
CVE-2014-44525.4High
CVE-2015-11526.8High
CVE-2015-11546.8High
CVE-2015-11536.8High
www.apple.com/itunes/download/
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3192
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4452
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4459
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4466
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4468
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4469
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4470
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4471
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4472
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4473
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4474
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4475
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4476
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4477
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4479
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1068
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1069
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1070
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1071
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1072
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1073
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1074
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1075
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1076
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1077
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1078
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1079
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1080
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1081
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1082
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1083
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1119
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1120
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1121
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1122
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1124
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1152
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1154
statistics.securelist.com/vulnerability-scan/month
support.apple.com/en-us/HT204949
threats.kaspersky.com/en/product/Apple-iTunes/