Lucene search

K
nessusTenable700035.PRM
HistoryApr 02, 2017 - 12:00 a.m.

Apple TV < 10.2 Multiple Vulnerabilities

2017-04-0200:00:00
Tenable
www.tenable.com
26

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.238 Low

EPSS

Percentile

96.6%

Versions of Apple TV earlier than 10.2 are affected by multiple vulnerabilities :

  • An unspecified flaw exists related to ‘nghttp2’ and ‘LibreSSL’ that is triggered during the handling of a malicious HTTP/2 server. This may allow an attacker to have multiple unspecified impacts. (CVE-2017-2428)
  • A type confusion flaw exists that is triggered as certain input is not properly validated when parsing specially crafted M4A audio files. This may allow a context-dependent attacker to corrupt memory and potentially execute arbitrary code. (CVE-2017-2430)
  • A use-after-free flaw exists in ‘libc++’ that is triggered when demangling C++ applications. This may allow a malicious application to dereference already freed memory and potentially execute arbitrary code. (CVE-2017-2441)
  • A flaw exists as OTR packets are not properly validated. By spoofing the TLS/SSL server via a packet that appears valid, an attacker with the ability to intercept network traffic (e.g. MitM, DNS cache poisoning) can disclose and optionally manipulate transmitted data. (CVE-2017-2448)
  • An overflow condition exists that is triggered as certain input is not properly validated when parsing specially crafted M4A audio files. This may allow a context-dependent attacker to cause a heap-based buffer overflow, potentially allowing execution of arbitrary code. (CVE-2017-2462)
  • An unspecified flaw exists that is triggered as certain input is not properly validated when parsing X.509 certificates. This may allow a context dependent-attacker to corrupt memory and potentially execute arbitrary code.

Additional flaws exist in the following components :

  • Carbon (CVE-2017-2379)
  • Carbon (CVE-2017-2379)
  • CoreGraphics (CVE-2017-2417, CVE-2017-2444)
  • CoreText (CVE-2017-2435, CVE-2017-2450, CVE-2017-2461)
  • FontParser (CVE-2017-2406, CVE-2017-2407, CVE-2017-2439, CVE-2017-2487)
  • ImageIO (CVE-2017-2416, CVE-2017-2432, CVE-2017-2467)
  • Kernel (CVE-2017-2401, CVE-2017-2440, CVE-2017-2456, CVE-2017-2472, CVE-2017-2473, CVE-2017-2474, CVE-2017-2478, CVE-2017-2482, CVE-2017-2483, CVE-2017-2490)
  • Keyboards (CVE-2017-2458)
  • libarchive (CVE-2017-2390)
  • Security (CVE-2017-2451)
  • Webkit (CVE-2017-2367, CVE-2017-2378, CVE-2017-2386, CVE-2017-2394, CVE-2017-2395, CVE-2017-2396, CVE-2017-2405, CVE-2017-2415, CVE-2017-2419, CVE-2017-2424, CVE-2017-2433, CVE-2017-2442, CVE-2017-2445, CVE-2017-2446, CVE-2017-2447, CVE-2017-2454, CVE-2017-2455, CVE-2017-2459, CVE-2017-2460, CVE-2017-2464, CVE-2017-2465, CVE-2017-2466, CVE-2017-2468, CVE-2017-2469, CVE-2017-2470, CVE-2017-2471, CVE-2017-2476, CVE-2017-2481)
Binary data 700035.prm
VendorProductVersionCPE
appleapple_tvcpe:/a:apple:apple_tv

References

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.238 Low

EPSS

Percentile

96.6%