Apple iTunes Multiple vulnerabilities
Last Update Date:
24 Jan 2014 12:29
Release Date:
24 Jan 2014
4342
Views
RISK: High Risk
TYPE: Clients - Audio & Video
Multiple vulnerabilities have been identified in Apple iTunes.
- A remote user can execute arbitrary code on the target system.
- A remote authenticated user can write files outside of the target SMB directory.
- A local user can bypass security restrictions.
Impact
- Denial of Service
- Remote Code Execution
- Data Manipulation
System / Technologies affected
- Apple iTunes prior to 11.1.4
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix (11.1.4).
Vulnerability Identifier
- CVE-2011-3102
- CVE-2012-0841
- CVE-2012-2807
- CVE-2012-2825
- CVE-2012-2870
- CVE-2012-2871
- CVE-2012-5134
- CVE-2013-1024
- CVE-2013-1037
- CVE-2013-1038
- CVE-2013-1039
- CVE-2013-1040
- CVE-2013-1041
- CVE-2013-1042
- CVE-2013-1043
- CVE-2013-1044
- CVE-2013-1045
- CVE-2013-1046
- CVE-2013-1047
- CVE-2013-2842
- CVE-2013-5125
- CVE-2013-5126
- CVE-2013-5127
- CVE-2013-5128
- CVE-2014-1242
Source
Related Link
Share with