Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.ITUNES_9_2.NASL
HistoryJun 17, 2010 - 12:00 a.m.

Apple iTunes < 9.2 Multiple Vulnerabilities (credentialed check)

2010-06-1700:00:00
This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
www.tenable.com
22

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.965 High

EPSS

Percentile

99.6%

JSON

The version of Apple iTunes installed on the remote Windows host is older than 9.2. As such, it may be affected by multiple vulnerabilities :

  • A heap-based buffer overflow in the handling of images with an embedded ColorSync profile may lead to an application crash or arbitrary code execution.
    (CVE-2009-1726)

  • Multiple integer overflows in ImageIO’s handling of TIFF files may lead to an application crash or arbitrary code execution. (CVE-2010-1411)

  • Multiple vulnerabilities WebKit may have a variety of effects, including arbitrary code execution.
    (CVE-2010-0544, CVE-2010-1119, CVE-2010-1387, CVE-2010-1390, CVE-2010-1392, CVE-2010-1393, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398, CVE-2010-1399, CVE-2010-1400, CVE-2010-1401, CVE-2010-1402, CVE-2010-1403, CVE-2010-1404, CVE-2010-1405, CVE-2010-1408, CVE-2010-1409, CVE-2010-1410, CVE-2010-1412, CVE-2010-1414, CVE-2010-1415, CVE-2010-1416, CVE-2010-1417, CVE-2010-1418, CVE-2010-1419, CVE-2010-1421, CVE-2010-1422, CVE-2010-1749, CVE-2010-1758, CVE-2010-1759, CVE-2010-1761, CVE-2010-1763, CVE-2010-1769, CVE-2010-1770, CVE-2010-1771, CVE-2010-1774)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(47037);
  script_version("1.22");
  script_cvs_date("Date: 2018/11/15 20:50:27");

  script_cve_id(
    "CVE-2009-1726",
    "CVE-2010-0544",
    "CVE-2010-1119",
    "CVE-2010-1387",
    "CVE-2010-1390",
    "CVE-2010-1392",
    "CVE-2010-1393",
    "CVE-2010-1395",
    "CVE-2010-1396",
    "CVE-2010-1397",
    "CVE-2010-1398",
    "CVE-2010-1399",
    "CVE-2010-1400",
    "CVE-2010-1401",
    "CVE-2010-1402",
    "CVE-2010-1403",
    "CVE-2010-1404",
    "CVE-2010-1405",
    "CVE-2010-1408",
    "CVE-2010-1409",
    "CVE-2010-1410",
    "CVE-2010-1411",
    "CVE-2010-1412",
    "CVE-2010-1414",
    "CVE-2010-1415",
    "CVE-2010-1416",
    "CVE-2010-1417",
    "CVE-2010-1418",
    "CVE-2010-1419",
    "CVE-2010-1421",
    "CVE-2010-1422",
    "CVE-2010-1749",
    "CVE-2010-1758",
    "CVE-2010-1759",
    "CVE-2010-1761",
    "CVE-2010-1763",
    "CVE-2010-1769",
    "CVE-2010-1770",
    "CVE-2010-1771",
    "CVE-2010-1774"
  );
  script_bugtraq_id(40657, 40663, 40697, 40710, 41053, 41054, 41125);

  script_name(english:"Apple iTunes < 9.2 Multiple Vulnerabilities (credentialed check)");
  script_summary(english:"Checks version of iTunes on Windows");

  script_set_attribute(
    attribute:"synopsis",
    value:
"The remote host contains an application that is affected by multiple
vulnerabilities."
  );
  script_set_attribute(
    attribute:"description",
    value:
"The version of Apple iTunes installed on the remote Windows host is
older than 9.2. As such, it may be affected by multiple
vulnerabilities :

  - A heap-based buffer overflow in the handling of images
    with an embedded ColorSync profile may lead to an
    application crash or arbitrary code execution.
    (CVE-2009-1726)

  - Multiple integer overflows in ImageIO's handling of
    TIFF files may lead to an application crash or
    arbitrary code execution. (CVE-2010-1411)

  - Multiple vulnerabilities WebKit may have a variety of
    effects, including arbitrary code execution.
    (CVE-2010-0544, CVE-2010-1119, CVE-2010-1387,
    CVE-2010-1390, CVE-2010-1392, CVE-2010-1393,
    CVE-2010-1395, CVE-2010-1396, CVE-2010-1397,
    CVE-2010-1398, CVE-2010-1399, CVE-2010-1400,
    CVE-2010-1401, CVE-2010-1402, CVE-2010-1403,
    CVE-2010-1404, CVE-2010-1405, CVE-2010-1408,
    CVE-2010-1409, CVE-2010-1410, CVE-2010-1412,
    CVE-2010-1414, CVE-2010-1415, CVE-2010-1416,
    CVE-2010-1417, CVE-2010-1418, CVE-2010-1419,
    CVE-2010-1421, CVE-2010-1422, CVE-2010-1749,
    CVE-2010-1758, CVE-2010-1759, CVE-2010-1761,
    CVE-2010-1763, CVE-2010-1769, CVE-2010-1770,
    CVE-2010-1771, CVE-2010-1774)"
  );
  script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT4220");
  script_set_attribute(attribute:"see_also", value:"https://lists.apple.com/archives/security-announce/2010/Jun/msg00002.html");
  script_set_attribute(attribute:"solution", value:"Upgrade to Apple iTunes 9.2 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_cwe_id(119);

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/06/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/06/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/06/17");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:itunes");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");

  script_dependencies("itunes_detect.nasl");
  script_require_keys("SMB/iTunes/Version");

  exit(0);
}


include ("global_settings.inc");


version = get_kb_item("SMB/iTunes/Version");
if (isnull(version)) exit(1, "The 'SMB/iTunes/Version' KB item is missing.");

ver = split(version, sep:'.', keep:FALSE);
for (i=0; i<max_index(ver); i++)
  ver[i] = int(ver[i]);

if (
  ver[0] < 9 ||
  (
    ver[0] == 9 &&
    (
      ver[1] < 2 ||
      (ver[1] == 2 && ver[2] == 0 && ver[3] < 61)
    )
  )
)
{
  if (report_verbosity > 0)
  {
    report = '\n' +
      'iTunes ' + version + ' is installed on the remote host.\n';
    security_hole(port:get_kb_item("SMB/transport"), extra:report);
  }
  else security_hole(get_kb_item("SMB/transport"));
}
else exit(0, "The host is not affected since iTunes "+version+" is installed.");
VendorProductVersionCPE
appleitunescpe:/a:apple:itunes

References

Related

nessus 20
securityvulns 9
openvas 29
ubuntucve 22
cve 20
cvelist 18
prion 24
nvd 19
debiancve 17
freebsd 1
fedora 7
threatpost 2
zdi 4
exploitpack 1
oraclelinux 1
debian 1
veracode 1
seebug 1
osv 1
packetstorm 1
nessus
nessus
Apple iTunes < 9.2 Multiple Vulnerabilities (uncredentialed check)
2010-06-17 00:00:00
iTunes < 9.2 Multiple Vulnerabilities
2010-06-17 00:00:00
Safari < 4.1 / 5.0 Multiple Vulnerabilities
2010-06-08 00:00:00
securityvulns
securityvulns
VUPEN Security Research - Apple Safari WebKit HTML Button Use-after-free Vulnerability &#40;CVE-2010-1392&#41;
2010-06-08 00:00:00
Apple Webkit / Safari / Google Chrome multiple security vulnerabilities
2010-06-11 00:00:00
ZDI-10-096: Apple Webkit Recursive Use Element Remote Code Execution Vulnerability
2010-06-08 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities (June-10)
2010-06-16 00:00:00
Apple Safari Multiple Vulnerabilities (Jun 2010)
2010-06-16 00:00:00
FreeBSD Ports: webkit-gtk2
2010-07-22 00:00:00
ubuntucve
ubuntucve
CVE-2010-1769
2010-06-18 00:00:00
CVE-2010-1387
2010-06-18 00:00:00
CVE-2010-1763
2010-06-18 00:00:00
cve
cve
CVE-2010-1763
2010-06-18 16:30:01
CVE-2010-1769
2010-06-18 16:30:01
CVE-2010-1387
2010-06-18 16:30:01
cvelist
cvelist
CVE-2010-1387
2010-06-18 16:00:00
CVE-2010-1763
2010-06-18 16:00:00
CVE-2010-1769
2010-06-18 16:00:00
prion
prion
Design/Logic Flaw
2010-06-18 16:30:00
Design/Logic Flaw
2010-06-18 16:30:00
Code injection
2010-06-18 16:30:00
nvd
nvd
CVE-2010-1387
2010-06-18 16:30:01
CVE-2010-1769
2010-06-18 16:30:01
CVE-2010-1763
2010-06-18 16:30:01
debiancve
debiancve
CVE-2010-1769
2010-06-18 16:30:00
CVE-2010-1387
2010-06-18 16:30:00
CVE-2010-1763
2010-06-18 16:30:00
freebsd
freebsd
webkit-gtk2 -- Multiple vulnerabilities
2010-07-16 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: qt-4.6.3-8.fc13
2010-07-13 07:40:16
[SECURITY] Fedora 13 Update: webkitgtk-1.2.4-1.fc13
2010-09-15 05:40:48
[SECURITY] Fedora 12 Update: webkitgtk-1.2.4-1.fc12
2010-09-21 01:43:18
threatpost
threatpost
WebKit Security Flaws Haunt Apple iTunes
2010-06-17 14:44:15
Apple Plugs 48 Security Holes in Safari Browser
2010-06-08 13:06:29
zdi
zdi
Apple Webkit Recursive Use Element Remote Code Execution Vulnerability
2010-06-08 00:00:00
Apple Webkit First-Letter Pseudo-Element Style Remote Code Execution Vulnerability
2010-06-08 00:00:00
Apple Webkit ContentEditable moveParagraphs Uninitialized Element Remote Code Execution Vulnerability
2010-06-08 00:00:00
exploitpack
exploitpack
Webkit Normalize Bug - Android 2.2
2012-02-01 00:00:00
oraclelinux
oraclelinux
libtiff security update
2010-07-08 00:00:00
debian
debian
[SECURITY] [DSA 2084-1] New tiff packages fix arbitrary code execution
2010-08-03 05:30:32
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:49:24
seebug
seebug
Webkit Normalize Bug - Android 2.2
2014-07-01 00:00:00
osv
osv
tiff - arbitrary code execution
2010-08-03 00:00:00
packetstorm
packetstorm
Android 2.2 Webkit Normalize
2012-02-02 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.965 High

EPSS

Percentile

99.6%

JSON
Related for ITUNES_9_2.NASL
nessus20securityvulns9openvas29ubuntucve22cve20cvelist18prion24nvd19debiancve17freebsd1fedora7threatpost2zdi4exploitpack1oraclelinux1debian1veracode1seebug1osv1packetstorm1