Lucene search

K
kasperskyKaspersky LabKLA11282
HistoryMay 29, 2018 - 12:00 a.m.

KLA11282 Multiple vulnerabilities in Apple iTunes

2018-05-2900:00:00
Kaspersky Lab
threats.kaspersky.com
37

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.954 High

EPSS

Percentile

99.3%

Detect date:

05/29/2018

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface and obtain sensitive information.

Affected products:

Apple iTunes earlier than 12.7.5

Solution:

Update to the latest version
Download iTunes

Original advisories:

About the security content of iTunes 12.7.5 for Windows

Impacts:

ACE

Related products:

Apple iTunes

CVE-IDS:

CVE-2018-41946.8High
CVE-2018-42186.8High
CVE-2018-42466.8High
CVE-2018-42226.8High
CVE-2018-42242.1Warning
CVE-2018-42252.1Warning
CVE-2018-42262.1Warning
CVE-2018-42324.3Warning
CVE-2018-42336.8High
CVE-2018-41884.3Warning
CVE-2018-41904.3Warning
CVE-2018-41925.1High
CVE-2018-41996.8High
CVE-2018-42006.8High
CVE-2018-42016.8High
CVE-2018-42046.8High
CVE-2018-42146.8High

Exploitation:

Public exploits exist for this vulnerability.

References

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.954 High

EPSS

Percentile

99.3%