9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
10 High
AI Score
Confidence
High
0.126 Low
EPSS
Percentile
95.5%
Multiple serious vulnerabilities have been found in iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or obtain sensitive information.
Below is a complete list of vulnerabilities
Technical details
(3) can be exploited to obtain encrypted SMB credentials.
Public exploits exist for this vulnerability.
CVE-2015-1152 high
CVE-2015-1153 high
CVE-2015-3741 high
CVE-2015-3746 high
CVE-2015-3743 high
CVE-2015-5755 high
CVE-2015-3688 high
CVE-2015-1205 critical
CVE-2015-3747 high
CVE-2015-3744 high
CVE-2015-5806 high
CVE-2015-3734 high
CVE-2015-3748 high
CVE-2015-3742 high
CVE-2015-3738 high
CVE-2015-3740 high
CVE-2015-3733 high
CVE-2015-5822 high
CVE-2015-5803 high
CVE-2015-5823 high
CVE-2015-5804 high
CVE-2015-5797 high
CVE-2015-5796 high
CVE-2015-1157 critical
CVE-2015-3745 high
CVE-2015-5790 high
CVE-2015-5810 high
CVE-2015-5811 high
CVE-2015-5795 high
CVE-2015-5794 high
CVE-2015-5793 high
CVE-2015-5792 high
CVE-2015-5920 warning
CVE-2015-5805 high
CVE-2015-3730 high
CVE-2015-5761 high
CVE-2015-5813 high
CVE-2015-5812 high
CVE-2015-5791 high
CVE-2015-5789 high
CVE-2015-5814 high
CVE-2015-5819 high
CVE-2015-5799 high
CVE-2015-3686 high
CVE-2015-3687 high
CVE-2015-5815 high
CVE-2015-5807 high
CVE-2015-5817 high
CVE-2015-5816 high
CVE-2015-3735 high
CVE-2015-3736 high
CVE-2015-5801 high
CVE-2015-5802 high
CVE-2015-5798 high
CVE-2015-5808 high
CVE-2015-5818 high
CVE-2015-3749 high
CVE-2015-3737 high
CVE-2015-3731 high
CVE-2015-3739 high
CVE-2014-8146 critical
CVE-2010-3190 critical
CVE-2015-5800 high
CVE-2015-5821 high
CVE-2015-5874 critical
CVE-2015-5809 high
Update to the latest version
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Read Local Files. Exploitation of vulnerabilities with this impact can lead to reading some inaccessible files. Files that can be read depends on conсrete program errors.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.