Apple Products Multiple Vulnerabilities

Last Update Date: 26 Sep 2018 11:17 Release Date: 26 Sep 2018 4648 Views

RISK: Medium Risk

TYPE: Servers - Other Servers

Multiple vulnerabilities have been identified in Apple products. A remote user can exploit these vulnerabilities to trigger denial of service， remote code execution and cross-site scripting attacks.

Impact

Cross-Site Scripting
Denial of Service
Remote Code Execution

System / Technologies affected

Prior to Apple iTunes 12.9 for Windows
MacOS Mojave 10.14

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

The vendor has issued a fix:

https://support.apple.com/en-us/HT209140

https://support.apple.com/en-us/HT209139

Vulnerability Identifier

CVE-2016-1777
CVE-2018-4191
CVE-2018-4197
CVE-2018-4299
CVE-2018-4306
CVE-2018-4309
CVE-2018-4311
CVE-2018-4312
CVE-2018-4314
CVE-2018-4315
CVE-2018-4316
CVE-2018-4317
CVE-2018-4318
CVE-2018-4319
CVE-2018-4321
CVE-2018-4323
CVE-2018-4324
CVE-2018-4328
CVE-2018-4333
CVE-2018-4336
CVE-2018-4344
CVE-2018-4345
CVE-2018-4353
CVE-2018-4358
CVE-2018-4359
CVE-2018-4361

Source

SecurityTracker
US-CERT
Apple