Apple iTunes < 10.7 多個弱點 (未經認證的檢查)

critical Nessus Plugin ID 62078

Synopsis

遠端主機包含一個有多個弱點的多媒體應用程式。

描述

遠端主機上的 Apple iTunes 版本比 10.7 版舊。因此,會受到 WebKit 元件中的多個記憶體損毀弱點影響。

解決方案

升級至 Apple iTunes 10.7 或更新版本。

另請參閱

https://support.apple.com/en-us/HT202598

https://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html

Plugin 詳細資訊

嚴重性: Critical

ID: 62078

檔案名稱: itunes_10_7_banner.nasl

版本: 1.16

類型: remote

已發布: 2012/9/13

已更新: 2019/12/4

風險資訊

VPR

風險因素: High

分數: 8.9

CVSS v2

風險因素: Critical

基本分數: 10

時間分數: 8.7

媒介: AV:N/AC:L/Au:N/C:C/I:C/A:C

時間媒介: E:H/RL:OF/RC:C

CVSS 評分資料來源: CVE-2012-1521

弱點資訊

CPE: cpe:/a:apple:itunes

必要的 KB 項目: iTunes/sharing

可被惡意程式利用: true

可輕鬆利用: Exploits are available

修補程式發佈日期: 2012/9/12

弱點發布日期: 2012/9/12

參考資訊

CVE: CVE-2011-3016, CVE-2011-3021, CVE-2011-3027, CVE-2011-3032, CVE-2011-3034, CVE-2011-3035, CVE-2011-3036, CVE-2011-3037, CVE-2011-3038, CVE-2011-3039, CVE-2011-3040, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3050, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3068, CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3078, CVE-2011-3081, CVE-2011-3086, CVE-2011-3089, CVE-2011-3090, CVE-2011-3105, CVE-2011-3913, CVE-2011-3924, CVE-2011-3926, CVE-2011-3958, CVE-2011-3966, CVE-2011-3968, CVE-2011-3969, CVE-2011-3971, CVE-2012-0682, CVE-2012-0683, CVE-2012-1520, CVE-2012-1521, CVE-2012-2817, CVE-2012-2818, CVE-2012-2829, CVE-2012-2831, CVE-2012-2842, CVE-2012-2843, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3593, CVE-2012-3594, CVE-2012-3595, CVE-2012-3596, CVE-2012-3597, CVE-2012-3598, CVE-2012-3599, CVE-2012-3600, CVE-2012-3601, CVE-2012-3602, CVE-2012-3603, CVE-2012-3604, CVE-2012-3605, CVE-2012-3606, CVE-2012-3607, CVE-2012-3608, CVE-2012-3609, CVE-2012-3610, CVE-2012-3611, CVE-2012-3612, CVE-2012-3613, CVE-2012-3614, CVE-2012-3615, CVE-2012-3616, CVE-2012-3617, CVE-2012-3618, CVE-2012-3620, CVE-2012-3621, CVE-2012-3622, CVE-2012-3623, CVE-2012-3624, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3629, CVE-2012-3630, CVE-2012-3631, CVE-2012-3632, CVE-2012-3633, CVE-2012-3634, CVE-2012-3635, CVE-2012-3636, CVE-2012-3637, CVE-2012-3638, CVE-2012-3639, CVE-2012-3640, CVE-2012-3641, CVE-2012-3642, CVE-2012-3643, CVE-2012-3644, CVE-2012-3645, CVE-2012-3646, CVE-2012-3647, CVE-2012-3648, CVE-2012-3649, CVE-2012-3651, CVE-2012-3652, CVE-2012-3653, CVE-2012-3654, CVE-2012-3655, CVE-2012-3656, CVE-2012-3657, CVE-2012-3658, CVE-2012-3659, CVE-2012-3660, CVE-2012-3661, CVE-2012-3663, CVE-2012-3664, CVE-2012-3665, CVE-2012-3666, CVE-2012-3667, CVE-2012-3668, CVE-2012-3669, CVE-2012-3670, CVE-2012-3671, CVE-2012-3672, CVE-2012-3673, CVE-2012-3674, CVE-2012-3675, CVE-2012-3676, CVE-2012-3677, CVE-2012-3678, CVE-2012-3679, CVE-2012-3680, CVE-2012-3681, CVE-2012-3682, CVE-2012-3683, CVE-2012-3684, CVE-2012-3685, CVE-2012-3686, CVE-2012-3687, CVE-2012-3688, CVE-2012-3692, CVE-2012-3699, CVE-2012-3700, CVE-2012-3701, CVE-2012-3702, CVE-2012-3703, CVE-2012-3704, CVE-2012-3705, CVE-2012-3706, CVE-2012-3707, CVE-2012-3708, CVE-2012-3709, CVE-2012-3710, CVE-2012-3711, CVE-2012-3712

BID: 51041, 51641, 51911, 52031, 52271, 52674, 52762, 52913, 53309, 53540, 54203, 54680, 55534, 57027