7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.9 High
AI Score
Confidence
Low
0.031 Low
EPSS
Percentile
91.2%
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service.
Below is a complete list of vulnerabilities
Technical details
(1) can be triggered via man-in-the-middle attack while browsing iTunes Store.
(2) caused by improper memory handling while text files processing.
CVE-2015-7012 high
CVE-2015-7011 high
CVE-2015-7017 critical
CVE-2015-7014 high
CVE-2015-6975 critical
CVE-2015-6992 critical
CVE-2015-7013 high
CVE-2015-5931 high
CVE-2015-7002 high
CVE-2015-5929 high
CVE-2015-5930 high
CVE-2015-5928 high
Update to the latest version
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.