Multiple vulnerability in Apple iTunes - APPLE-SA-2017-03-22-2 (Mac OS X)ID: oval:org.secpod.oval:def:39508 | Date: (C)2017-03-23 (M)2024-02-29 |
Class: PATCH | Family: macos |
The host is missing a security update according to Apple advisory, APPLE-SA-2017-03-22-2. The update is required to fix multiple vulnerabilities in Apple iTunes. The flaws are present in SQLite and expat which fails to handle vectors related to iTunes, crafted xml files. Successful exploitation could allow attackers to execute arbitrary code or cause a denial of service.
Platform: |
Apple Mac OS X 10.9 |
Apple Mac OS X 10.10 |
Apple Mac OS X 10.11 |
Apple Mac OS X 10.12 |
Apple Mac OS X Server 10.9 |
Apple Mac OS X Server 10.10 |
Apple Mac OS X Server 10.11 |
Apple Mac OS X Server 10.12 |