KLA11276Multiple vulnerabilities in Apple iTunes

2017-10-31T00:00:00
ID KLA11276
Type kaspersky
Reporter Kaspersky Lab
Modified 2019-03-07T00:00:00

Description

Detect date:

10/31/2017

Severity:

High

Description:

Multiple memory corruption vulnerabilities were found in Apple iTunes. By exploiting this vulnerability malicious users can execute arbitrary code and cause denial of service. This vulnerability can be exploited remotely via a specially crafted webpage.

Affected products:

Apple iTunes earlier than 12.7.1

Solution:

Update to latest version
Download iTunes

Original advisories:

About the security content of iTunes 12.7.1 for Windows

Impacts:

ACE

Related products:

Apple iTunes

CVE-IDS:

CVE-2017-137846.8High
CVE-2017-137856.8High
CVE-2017-137916.8High
CVE-2017-137926.8High
CVE-2017-137946.8High
CVE-2017-137956.8High
CVE-2017-137966.8High
CVE-2017-137986.8High
CVE-2017-138026.8High
CVE-2017-137836.8High
CVE-2017-137886.8High
CVE-2017-137936.8High
CVE-2017-138036.8High