English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.803806
Categoría:General
Título:Apple iTunes Multiple Vulnerabilities - June13 (Windows)
Resumen:This host is installed with Apple iTunes and is prone to; multiple vulnerabilities.
Descripción:Summary:
This host is installed with Apple iTunes and is prone to
multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws due to

- Improper validation of SSL certificates.

- Integer overflow error within the 'string.replace()' method.

- Some vulnerabilities are due to a bundled vulnerable version of WebKit.

- Array indexing error when handling JSArray objects.

- Boundary error within the 'string.concat()' method.

Vulnerability Impact:
Successful exploitation will allow attackers to execute arbitrary code,
conduct Man-in-the-Middle (MitM) attack or cause heap-based buffer overflow.

Affected Software/OS:
Apple iTunes before 11.0.3 on Windows.

Solution:
Upgrade to version 11.0.3 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-1014
http://lists.apple.com/archives/security-announce/2013/May/msg00000.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17605
Common Vulnerability Exposure (CVE) ID: CVE-2013-1011
http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17407
Common Vulnerability Exposure (CVE) ID: CVE-2013-1010
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17123
http://secunia.com/advisories/54886
Common Vulnerability Exposure (CVE) ID: CVE-2013-1008
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17359
Common Vulnerability Exposure (CVE) ID: CVE-2013-1007
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17441
Common Vulnerability Exposure (CVE) ID: CVE-2013-1006
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17143
Common Vulnerability Exposure (CVE) ID: CVE-2013-1005
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17601
Common Vulnerability Exposure (CVE) ID: CVE-2013-1004
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17604
Common Vulnerability Exposure (CVE) ID: CVE-2013-1003
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17252
Common Vulnerability Exposure (CVE) ID: CVE-2013-1002
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17187
Common Vulnerability Exposure (CVE) ID: CVE-2013-1001
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17572
Common Vulnerability Exposure (CVE) ID: CVE-2013-1000
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17396
Common Vulnerability Exposure (CVE) ID: CVE-2013-0999
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16762
Common Vulnerability Exposure (CVE) ID: CVE-2013-0998
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17300
Common Vulnerability Exposure (CVE) ID: CVE-2013-0997
http://lists.apple.com/archives/security-announce/2013/Sep/msg00003.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17466
Common Vulnerability Exposure (CVE) ID: CVE-2013-0996
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17298
Common Vulnerability Exposure (CVE) ID: CVE-2013-0995
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17561
Common Vulnerability Exposure (CVE) ID: CVE-2013-0994
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17400
Common Vulnerability Exposure (CVE) ID: CVE-2013-0993
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17009
Common Vulnerability Exposure (CVE) ID: CVE-2013-0992
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17621
Common Vulnerability Exposure (CVE) ID: CVE-2013-0991
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16907
CopyrightCopyright (C) 2013 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2024 E-Soft Inc. Todos los derechos reservados.