Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2015 Greenbone AGOPENVAS:1361412562310806609
HistoryNov 03, 2015 - 12:00 a.m.

Apple iTunes Multiple Vulnerabilities (Nov 2015) - Windows

2015-11-0300:00:00
Copyright (C) 2015 Greenbone AG
plugins.openvas.org
9

8.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.031 Low

EPSS

Percentile

91.0%

JSON

Apple iTunes is prone to multiple vulnerabilities.

# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:apple:itunes";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.806609");
  script_version("2024-02-09T05:06:25+0000");
  script_cve_id("CVE-2015-5928", "CVE-2015-5929", "CVE-2015-5930", "CVE-2015-5931",
                "CVE-2015-7002", "CVE-2015-7011", "CVE-2015-7012", "CVE-2015-7013",
                "CVE-2015-7014", "CVE-2015-6975", "CVE-2015-6992", "CVE-2015-7017");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_tag(name:"last_modification", value:"2024-02-09 05:06:25 +0000 (Fri, 09 Feb 2024)");
  script_tag(name:"creation_date", value:"2015-11-03 14:51:27 +0530 (Tue, 03 Nov 2015)");
  script_name("Apple iTunes Multiple Vulnerabilities (Nov 2015) - Windows");

  script_tag(name:"summary", value:"Apple iTunes is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"Multiple flaws are due to:

  - Multiple memory corruption issues in WebKit.

  - Multiple memory corruption issues in the processing of text files.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
  attackers to execute arbitrary code or conduct denial-of-service condition on
  the affected system.");

  script_tag(name:"affected", value:"Apple iTunes versions before 12.3.1
  on Windows.");

  script_tag(name:"solution", value:"Upgrade to Apple iTunes 12.3.1 or later.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_tag(name:"qod_type", value:"registry");

  script_xref(name:"URL", value:"https://support.apple.com/en-us/HT205372");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/77264");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/77267");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/77270");
  script_xref(name:"URL", value:"http://lists.apple.com/archives/security-announce/2015/Oct/msg00006.html");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2015 Greenbone AG");
  script_family("General");
  script_dependencies("secpod_apple_itunes_detection_win_900123.nasl");
  script_mandatory_keys("iTunes/Win/Installed");

  exit(0);
}

include("host_details.inc");
include("version_func.inc");

if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE))
  exit(0);

vers = infos["version"];
path = infos["location"];

if(version_is_less(version:vers, test_version:"12.3.1")) {
  report = report_fixed_ver(installed_version:vers, fixed_version:"12.3.1", install_path:path);
  security_message(port:0, data:report);
  exit(0);
}

exit(99);

Related

securityvulns 8
nessus 17
kaspersky 1
openvas 10
prion 12
cve 12
ubuntucve 9
fedora 6
mageia 2
ubuntu 1
securityvulns
securityvulns
APPLE-SA-2015-10-21-5 iTunes 12.3.1
2015-10-25 00:00:00
APPLE-SA-2015-10-21-3 Safari 9.0.1
2015-10-25 00:00:00
APPLE-SA-2015-10-21-1 iOS 9.1
2015-10-25 00:00:00
nessus
nessus
Apple iTunes < 12.3.1 Multiple Vulnerabilities (credentialed check)
2015-10-26 00:00:00
Apple iTunes < 12.3.1 Multiple Vulnerabilities (uncredentialed check)
2015-10-26 00:00:00
Mac OS X : Apple Safari < 9.0.1 Multiple RCE
2015-11-06 00:00:00
kaspersky
kaspersky
KLA10685 Multiple vulnerabilities at Apple iTunes
2015-10-21 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities-01 (Nov 2015) - Mac OS X
2015-11-03 00:00:00
Apple Mac OS X Multiple Vulnerabilities-02 (HT205375)
2018-05-15 00:00:00
Mageia: Security Advisory (MGASA-2016-0116)
2016-03-31 00:00:00
prion
prion
Memory corruption
2015-10-23 10:59:00
Memory corruption
2015-10-23 10:59:00
Memory corruption
2015-10-23 10:59:00
cve
cve
CVE-2015-7017
2015-10-23 10:59:00
CVE-2015-6975
2015-10-23 10:59:00
CVE-2015-6992
2015-10-23 10:59:00
ubuntucve
ubuntucve
CVE-2015-5931
2015-10-23 00:00:00
CVE-2015-5928
2015-10-23 00:00:00
CVE-2015-5929
2015-10-23 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: webkitgtk4-2.10.4-1.fc22
2016-02-01 06:38:54
[SECURITY] Fedora 24 Update: webkitgtk-2.4.10-1.fc24
2016-03-27 00:38:11
[SECURITY] Fedora 23 Update: webkitgtk-2.4.10-1.fc23
2016-03-22 19:55:11
mageia
mageia
Updated webkit2 packages fix security vulnerability
2016-03-25 09:38:37
Updated webkit packages fix security vulnerability
2016-03-25 09:38:37
ubuntu
ubuntu
WebKitGTK+ vulnerabilities
2016-03-21 00:00:00

8.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.031 Low

EPSS

Percentile

91.0%

JSON
Related for OPENVAS:1361412562310806609
securityvulns8nessus17kaspersky1openvas10prion12cve12ubuntucve9fedora6mageia2ubuntu1