Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2024 Greenbone AGOPENVAS:1361412562310832977
HistoryMay 14, 2024 - 12:00 a.m.

Apple iTunes Security Update (HT214099)

2024-05-1400:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
1
apple itunes
security update
cve-2024-27793
vulnerability
code execution
version 12.13.2

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

Apple iTunes is prone to an unknown
vulnerability.

# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:apple:itunes";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.832977");
  script_version("2024-06-21T05:05:42+0000");
  script_cve_id("CVE-2024-27793");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2024-06-21 05:05:42 +0000 (Fri, 21 Jun 2024)");
  script_tag(name:"creation_date", value:"2024-05-14 11:49:07 +0530 (Tue, 14 May 2024)");
  script_name("Apple iTunes Security Update (HT214099)");

  script_tag(name:"summary", value:"Apple iTunes is prone to an unknown
  vulnerability.");

  script_tag(name: "vuldetect" , value:"Checks if a vulnerable version is
  present on the target host.");

  script_tag(name: "insight" , value:"The flaw exists due to an unknown
  vulnerability in Apple iTunes.");

  script_tag(name: "impact" , value:"Successful exploitation allows an attacker
  to parse a file, which can lead to an unexpected app termination or arbitrary
  code execution.");

  script_tag(name: "affected" , value:"Apple iTunes prior to version 12.13.2");

  script_tag(name: "solution" , value:"Update to version 12.13.2 or later.");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"registry");
  script_xref(name:"URL", value:"https://support.apple.com/en-us/HT214099");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2024 Greenbone AG");
  script_family("General");
  script_dependencies("secpod_apple_itunes_detection_win_900123.nasl");
  script_mandatory_keys("iTunes/Win/Ver");
  exit(0);
}

include("version_func.inc");
include("host_details.inc");

if(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);

vers = infos["version"];
path = infos["location"];

if(version_is_less(version:vers, test_version:"12.13.2")) {
  report = report_fixed_ver(installed_version:vers, fixed_version:"12.13.2", install_path:path);
  security_message(port:0, data:report);
  exit(0);
}

exit(99);

Related

nessus 2
cvelist 1
kaspersky 1
nvd 1
vulnrichment 1
apple 1
cve 1
nessus
nessus
Apple iTunes < 12.13.2 A Vulnerability (credentialed check)
2024-05-08 00:00:00
Apple iTunes < 12.13.2 A Vulnerability (uncredentialed check)
2024-05-08 00:00:00
cvelist
cvelist
CVE-2024-27793
2024-05-08 22:15:21
kaspersky
kaspersky
KLA67226 ACE vulnerability in Apple iTunes
2024-05-08 00:00:00
nvd
nvd
CVE-2024-27793
2024-05-14 15:13:02
vulnrichment
vulnrichment
CVE-2024-27793
2024-05-08 22:15:21
apple
apple
About the security content of iTunes 12.13.2 for Windows
2024-05-08 00:00:00
cve
cve
CVE-2024-27793
2024-05-14 15:13:02

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for OPENVAS:1361412562310832977
nessus2cvelist1kaspersky1nvd1vulnrichment1apple1cve1