Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.ITUNES_9_2.NASL
HistoryJun 17, 2010 - 12:00 a.m.

Apple iTunes < 9.2 Multiple Vulnerabilities (credentialed check)

2010-06-1700:00:00
This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
www.tenable.com
20
JSON

The version of Apple iTunes installed on the remote Windows host is older than 9.2. As such, it may be affected by multiple vulnerabilities :

  • A heap-based buffer overflow in the handling of images with an embedded ColorSync profile may lead to an application crash or arbitrary code execution.
    (CVE-2009-1726)

  • Multiple integer overflows in ImageIO’s handling of TIFF files may lead to an application crash or arbitrary code execution. (CVE-2010-1411)

  • Multiple vulnerabilities WebKit may have a variety of effects, including arbitrary code execution.
    (CVE-2010-0544, CVE-2010-1119, CVE-2010-1387, CVE-2010-1390, CVE-2010-1392, CVE-2010-1393, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1749, CVE-2010-1758, CVE-2010-1759, CVE-2010-1761, CVE-2010-1763, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1774)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(47037);
  script_version("1.22");
  script_cvs_date("Date: 2018/11/15 20:50:27");

  script_cve_id(
    "CVE-2009-1726",
    "CVE-2010-0544",
    "CVE-2010-1119",
    "CVE-2010-1387",
    "CVE-2010-1390",
    "CVE-2010-1392",
    "CVE-2010-1393",
    "CVE-2010-1395",
    "CVE-2010-1396",
    "CVE-2010-1397",
    "CVE-2010-1398",
    "CVE-2010-1399",
    "CVE-2010-1400",
    "CVE-2010-1401",
    "CVE-2010-1402",
    "CVE-2010-1403",
    "CVE-2010-1404",
    "CVE-2010-1405",
    "CVE-2010-1408",
    "CVE-2010-1409",
    "CVE-2010-1410",
    "CVE-2010-1411",
    "CVE-2010-1412",
    "CVE-2010-1414",
    "CVE-2010-1415",
    "CVE-2010-1416",
    "CVE-2010-1417",
    "CVE-2010-1418",
    "CVE-2010-1419",
    "CVE-2010-1421",
    "CVE-2010-1422",
    "CVE-2010-1749",
    "CVE-2010-1758",
    "CVE-2010-1759",
    "CVE-2010-1761",
    "CVE-2010-1763",
    "CVE-2010-1769",
    "CVE-2010-1770",
    "CVE-2010-1771",
    "CVE-2010-1774"
  );
  script_bugtraq_id(40657, 40663, 40697, 40710, 41053, 41054, 41125);

  script_name(english:"Apple iTunes < 9.2 Multiple Vulnerabilities (credentialed check)");
  script_summary(english:"Checks version of iTunes on Windows");

  script_set_attribute(
    attribute:"synopsis",
    value:
"The remote host contains an application that is affected by multiple
vulnerabilities."
  );
  script_set_attribute(
    attribute:"description",
    value:
"The version of Apple iTunes installed on the remote Windows host is
older than 9.2. As such, it may be affected by multiple
vulnerabilities :

  - A heap-based buffer overflow in the handling of images
    with an embedded ColorSync profile may lead to an
    application crash or arbitrary code execution.
    (CVE-2009-1726)

  - Multiple integer overflows in ImageIO's handling of
    TIFF files may lead to an application crash or
    arbitrary code execution. (CVE-2010-1411)

  - Multiple vulnerabilities WebKit may have a variety of
    effects, including arbitrary code execution.
    (CVE-2010-0544, CVE-2010-1119, CVE-2010-1387,
    CVE-2010-1390, CVE-2010-1392, CVE-2010-1393,
    CVE-2010-1395, CVE-2010-1396, CVE-2010-1397,
    CVE-2010-1398, CVE-2010-1399, CVE-2010-1400,
    CVE-2010-1401, CVE-2010-1402, CVE-2010-1403,
    CVE-2010-1404, CVE-2010-1405, CVE-2010-1408,
    CVE-2010-1409, CVE-2010-1410, CVE-2010-1412,
    CVE-2010-1414, CVE-2010-1415, CVE-2010-1416,
    CVE-2010-1417, CVE-2010-1418, CVE-2010-1419,
    CVE-2010-1421, CVE-2010-1422, CVE-2010-1749,
    CVE-2010-1758, CVE-2010-1759, CVE-2010-1761,
    CVE-2010-1763, CVE-2010-1769, CVE-2010-1770,
    CVE-2010-1771, CVE-2010-1774)"
  );
  script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT4220");
  script_set_attribute(attribute:"see_also", value:"https://lists.apple.com/archives/security-announce/2010/Jun/msg00002.html");
  script_set_attribute(attribute:"solution", value:"Upgrade to Apple iTunes 9.2 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_cwe_id(119);

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/06/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/06/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/06/17");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:itunes");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");

  script_dependencies("itunes_detect.nasl");
  script_require_keys("SMB/iTunes/Version");

  exit(0);
}


include ("global_settings.inc");


version = get_kb_item("SMB/iTunes/Version");
if (isnull(version)) exit(1, "The 'SMB/iTunes/Version' KB item is missing.");

ver = split(version, sep:'.', keep:FALSE);
for (i=0; i<max_index(ver); i++)
  ver[i] = int(ver[i]);

if (
  ver[0] < 9 ||
  (
    ver[0] == 9 &&
    (
      ver[1] < 2 ||
      (ver[1] == 2 && ver[2] == 0 && ver[3] < 61)
    )
  )
)
{
  if (report_verbosity > 0)
  {
    report = '\n' +
      'iTunes ' + version + ' is installed on the remote host.\n';
    security_hole(port:get_kb_item("SMB/transport"), extra:report);
  }
  else security_hole(get_kb_item("SMB/transport"));
}
else exit(0, "The host is not affected since iTunes "+version+" is installed.");
VendorProductVersionCPE
appleitunescpe:/a:apple:itunes

References

Related

nessus 19
securityvulns 12
openvas 30
ubuntucve 28
freebsd 1
debiancve 26
cve 27
prion 26
fedora 8
threatpost 2
zdi 10
seebug 1
exploitpack 1
packetstorm 2
veracode 1
debian 1
oraclelinux 1
osv 1
android 1
checkpoint_advisories 1
nessus
nessus
Apple iTunes < 9.2 Multiple Vulnerabilities (uncredentialed check)
2010-06-17 00:00:00
iTunes < 9.2 Multiple Vulnerabilities
2010-06-17 00:00:00
Safari < 5.0 Multiple Vulnerabilities
2010-06-08 00:00:00
securityvulns
securityvulns
VUPEN Security Research - Apple Safari WebKit HTML Button Use-after-free Vulnerability &#40;CVE-2010-1392&#41;
2010-06-08 00:00:00
Apple Webkit / Safari / Google Chrome multiple security vulnerabilities
2010-06-11 00:00:00
ZDI-10-099: Apple Webkit ProcessInstruction Target Error Message Insertion Remote Code Execution Vulnerability
2010-06-08 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities (June-10)
2010-06-16 00:00:00
Apple Safari Multiple Vulnerabilities (Jun 2010)
2010-06-16 00:00:00
FreeBSD Ports: webkit-gtk2
2010-07-22 00:00:00
ubuntucve
ubuntucve
CVE-2010-1769
2010-06-18 00:00:00
CVE-2010-1763
2010-06-18 00:00:00
CVE-2010-1387
2010-06-18 00:00:00
freebsd
freebsd
webkit-gtk2 -- Multiple vulnerabilities
2010-07-16 00:00:00
debiancve
debiancve
CVE-2010-1387
2010-06-18 16:30:00
CVE-2010-1769
2010-06-18 16:30:00
CVE-2010-1763
2010-06-18 16:30:00
cve
cve
CVE-2010-1763
2010-06-18 16:30:00
CVE-2010-1769
2010-06-18 16:30:00
CVE-2010-1387
2010-06-18 16:30:00
prion
prion
Design/Logic Flaw
2010-06-18 16:30:00
Design/Logic Flaw
2010-06-18 16:30:00
Code injection
2010-06-18 16:30:00
fedora
fedora
[SECURITY] Fedora 13 Update: qt-4.6.3-8.fc13
2010-07-13 07:40:16
[SECURITY] Fedora 12 Update: webkitgtk-1.2.4-1.fc12
2010-09-21 01:43:18
[SECURITY] Fedora 13 Update: webkitgtk-1.2.4-1.fc13
2010-09-15 05:40:48
threatpost
threatpost
Apple Plugs 48 Security Holes in Safari Browser
2010-06-08 13:06:29
WebKit Security Flaws Haunt Apple iTunes
2010-06-17 14:44:15
zdi
zdi
Apple Webkit Recursive Use Element Remote Code Execution Vulnerability
2010-06-08 00:00:00
Apple Webkit First-Letter Pseudo-Element Style Remote Code Execution Vulnerability
2010-06-08 00:00:00
Apple Webkit SVG RadialGradiant Run-in Remote Code Execution Vulnerability
2010-06-08 00:00:00
seebug
seebug
Webkit Normalize Bug - Android 2.2
2014-07-01 00:00:00
exploitpack
exploitpack
Webkit Normalize Bug - Android 2.2
2012-02-01 00:00:00
packetstorm
packetstorm
Android 2.2 Webkit Normalize
2012-02-02 00:00:00
Android 2.0 / 2.1 / 2.1.1 WebKit Use-After-Free
2011-03-14 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:49:24
debian
debian
[SECURITY] [DSA 2084-1] New tiff packages fix arbitrary code execution
2010-08-03 05:31:06
oraclelinux
oraclelinux
libtiff security update
2010-07-08 00:00:00
osv
osv
tiff - arbitrary code execution
2010-08-03 00:00:00
android
android
WebKit Use-After-Free
2019-07-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Apple Safari Webkit Option Element ContentEditable Code Execution (CVE-2010-1396)
2010-09-26 00:00:00
JSON
Related for ITUNES_9_2.NASL
nessus19securityvulns12openvas30ubuntucve28freebsd1debiancve26cve27prion26fedora8threatpost2zdi10seebug1exploitpack1packetstorm2veracode1debian1oraclelinux1osv1android1checkpoint_advisories1