itunes (pvs) tenable network security inc., …...apple safari, quicktime and itunes (pvs)...
TRANSCRIPT
SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
TENABLE NETWORK SECURITY, INC.
Apple Safari,QuickTime andiTunes (PVS)May 28, 2012 at 9:02pm CDTDave Breslin [dbreslin]Confidential: The following report contains confidential information. Do not distribute, email, fax,or transfer via any electronic mechanism unless it has been approved by the recipient company'ssecurity policy. All copies and backups of this document should be saved on protected storage at alltimes. Do not share any of the information contained within this report with anyone unless they areauthorized to view the information. Violating any of the previous instructions is grounds for termination.
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Table of Contents
Tenable Network Security i
Table of ContentsSummary ........................................................................................................................................................ 1
Apple Safari ................................................................................................................................................2
Apple QuickTime ...............................................................................................................................11
Apple iTunes ..........................................................................................................................................14
Apple Safari, QuickTime and iTunes Vulnerabilities with KnownExploits Summary ........................................................................................................................... 21
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Summary
Tenable Network Security 1
Summary
5 Day Vulnerability Trending - CVSS >= 4
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple Safari
Tenable Network Security 2
Apple Safari
Apple Safari Host Detection
IP Address NetBIOS Name DNS Name MAC Address
10.100.0.20 ITSDEPT\MM1015 mm1015.itsdept.com 00:11:24:c8:69:51
10.100.0.24 ITSDEPT\MM1018 mm1018.itsdept.com 00:11:24:c8:69:54
10.100.0.27 ITSDEPT\MM1019 mm1019.itsdept.com 00:11:24:c8:70:01
10.100.0.30 ITSDEPT\MM1023 mm1023.itsdept.com 00:11:24:c8:70:04
10.200.0.5 ITSDEPT\DT1004 dt1004.itsdept.com 08:00:27:41:88:b7
10.200.0.18 ITSDEPT\DT1022 dt1022.itsdept.com 08:00:27:89:23:32
192.168.1.13
192.168.2.72
Vulnerability Summary - CVSS >= 4
Plugin Total Severity Plugin Name Family
6483 3 HighSafari <5.1.7 MultipleVulnerabilities
Web Clients
6346 3 HighSafari <5.1.4 MultipleVulnerabilities
Web Clients
6038 2 HighSafari <5.1.1 MultipleVulnerabilities
Web Clients
5992 2 HighSafari < 5.1 MultipleVulnerabilities
Web Clients
5890 2 HighSafari <5.0.5 MultipleVulnerabilities
Web Clients
5813 2 HighSafari <5.0.4 MultipleVulnerabilities
Web Clients
5711 2 HighSafari < 4.1.3 /5.0.3 MultipleVulnerabilities
Web Clients
5655 2 HighSafari < 4.1.2 /5.0.2 MultipleVulnerabilities
Web Clients
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple Safari
Tenable Network Security 3
CVE Summary
CVE Total Severity
CVE-2010-1205 2 High
CVE-2010-1383 2 High
CVE-2010-1420 2 High
CVE-2010-1805 2 High
CVE-2010-1806 2 High
CVE-2010-1807 2 High
CVE-2010-1812 2 High
CVE-2010-1813 2 High
CVE-2010-1814 2 High
CVE-2010-1815 2 High
CVE-2010-1822 2 High
CVE-2010-1823 2 High
CVE-2010-1824 2 High
CVE-2010-2249 2 High
CVE-2010-3116 2 High
CVE-2010-3257 2 High
CVE-2010-3259 2 High
CVE-2010-3803 2 High
CVE-2010-3804 2 High
CVE-2010-3805 2 High
CVE-2010-3808 2 High
CVE-2010-3809 2 High
CVE-2010-3810 2 High
CVE-2010-3811 2 High
CVE-2010-3812 2 High
CVE-2010-3813 2 High
CVE-2010-3816 2 High
CVE-2010-3817 2 High
CVE-2010-3818 2 High
CVE-2010-3819 2 High
CVE-2010-3820 2 High
CVE-2010-3821 2 High
CVE-2010-3822 2 High
CVE-2010-3823 2 High
CVE-2010-3824 2 High
CVE-2010-3826 2 High
CVE-2010-3829 2 High
CVE-2010-4008 2 High
CVE-2010-4494 2 High
CVE-2011-0111 2 High
CVE-2011-0112 2 High
CVE-2011-0113 2 High
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple Safari
Tenable Network Security 4
CVE Total Severity
CVE-2011-0114 2 High
CVE-2011-0115 2 High
CVE-2011-0116 2 High
CVE-2011-0117 2 High
CVE-2011-0118 2 High
CVE-2011-0119 2 High
CVE-2011-0120 2 High
CVE-2011-0121 2 High
CVE-2011-0122 2 High
CVE-2011-0123 2 High
CVE-2011-0124 2 High
CVE-2011-0125 2 High
CVE-2011-0126 2 High
CVE-2011-0127 2 High
CVE-2011-0128 2 High
CVE-2011-0129 2 High
CVE-2011-0130 2 High
CVE-2011-0131 2 High
CVE-2011-0132 2 High
CVE-2011-0133 2 High
CVE-2011-0134 2 High
CVE-2011-0135 2 High
CVE-2011-0136 2 High
CVE-2011-0137 2 High
CVE-2011-0138 2 High
CVE-2011-0139 2 High
CVE-2011-0140 2 High
CVE-2011-0141 2 High
CVE-2011-0142 2 High
CVE-2011-0143 2 High
CVE-2011-0144 2 High
CVE-2011-0145 2 High
CVE-2011-0146 2 High
CVE-2011-0147 2 High
CVE-2011-0148 2 High
CVE-2011-0149 2 High
CVE-2011-0150 2 High
CVE-2011-0151 2 High
CVE-2011-0152 2 High
CVE-2011-0153 2 High
CVE-2011-0154 2 High
CVE-2011-0155 2 High
CVE-2011-0156 2 High
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple Safari
Tenable Network Security 5
CVE Total Severity
CVE-2011-0160 2 High
CVE-2011-0161 2 High
CVE-2011-0163 2 High
CVE-2011-0164 2 High
CVE-2011-0165 2 High
CVE-2011-0166 2 High
CVE-2011-0167 2 High
CVE-2011-0168 2 High
CVE-2011-0169 2 High
CVE-2011-0170 2 High
CVE-2011-0191 2 High
CVE-2011-0192 2 High
CVE-2011-0195 2 High
CVE-2011-0200 2 High
CVE-2011-0201 2 High
CVE-2011-0202 2 High
CVE-2011-0204 2 High
CVE-2011-0206 2 High
CVE-2011-0214 2 High
CVE-2011-0215 2 High
CVE-2011-0216 2 High
CVE-2011-0217 2 High
CVE-2011-0218 2 High
CVE-2011-0219 2 High
CVE-2011-0221 2 High
CVE-2011-0222 2 High
CVE-2011-0223 2 High
CVE-2011-0225 2 High
CVE-2011-0232 2 High
CVE-2011-0233 2 High
CVE-2011-0234 2 High
CVE-2011-0235 2 High
CVE-2011-0237 2 High
CVE-2011-0238 2 High
CVE-2011-0240 2 High
CVE-2011-0241 2 High
CVE-2011-0242 2 High
CVE-2011-0244 2 High
CVE-2011-0253 2 High
CVE-2011-0254 2 High
CVE-2011-0255 2 High
CVE-2011-0981 2 High
CVE-2011-0983 2 High
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple Safari
Tenable Network Security 6
CVE Total Severity
CVE-2011-1107 2 High
CVE-2011-1109 2 High
CVE-2011-1114 2 High
CVE-2011-1115 2 High
CVE-2011-1117 2 High
CVE-2011-1121 2 High
CVE-2011-1188 2 High
CVE-2011-1190 2 High
CVE-2011-1203 2 High
CVE-2011-1204 2 High
CVE-2011-1288 2 High
CVE-2011-1290 2 High
CVE-2011-1293 2 High
CVE-2011-1295 2 High
CVE-2011-1296 2 High
CVE-2011-1344 2 High
CVE-2011-1440 2 High
CVE-2011-1449 2 High
CVE-2011-1451 2 High
CVE-2011-1453 2 High
CVE-2011-1457 2 High
CVE-2011-1462 2 High
CVE-2011-1774 2 High
CVE-2011-1797 2 High
CVE-2011-2338 2 High
CVE-2011-2339 2 High
CVE-2011-2341 2 High
CVE-2011-2351 2 High
CVE-2011-2352 2 High
CVE-2011-2354 2 High
CVE-2011-2356 2 High
CVE-2011-2359 2 High
CVE-2011-2788 2 High
CVE-2011-2790 2 High
CVE-2011-2792 2 High
CVE-2011-2797 2 High
CVE-2011-2799 2 High
CVE-2011-2805 2 High
CVE-2011-2809 2 High
CVE-2011-2811 2 High
CVE-2011-2813 2 High
CVE-2011-2814 2 High
CVE-2011-2815 2 High
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple Safari
Tenable Network Security 7
CVE Total Severity
CVE-2011-2816 2 High
CVE-2011-2817 2 High
CVE-2011-2818 2 High
CVE-2011-2819 2 High
CVE-2011-2820 2 High
CVE-2011-2823 2 High
CVE-2011-2825 3 High
CVE-2011-2827 2 High
CVE-2011-2831 2 High
CVE-2011-2833 3 High
CVE-2011-2846 3 High
CVE-2011-2847 3 High
CVE-2011-2854 3 High
CVE-2011-2855 3 High
CVE-2011-2857 3 High
CVE-2011-2860 3 High
CVE-2011-2866 3 High
CVE-2011-2867 3 High
CVE-2011-2868 3 High
CVE-2011-2869 3 High
CVE-2011-2870 3 High
CVE-2011-2871 3 High
CVE-2011-2872 3 High
CVE-2011-2873 3 High
CVE-2011-2877 3 High
CVE-2011-3046 3 High
CVE-2011-3056 3 High
CVE-2011-3229 2 High
CVE-2011-3230 2 High
CVE-2011-3231 2 High
CVE-2011-3232 2 High
CVE-2011-3233 2 High
CVE-2011-3234 2 High
CVE-2011-3235 2 High
CVE-2011-3236 2 High
CVE-2011-3237 2 High
CVE-2011-3238 2 High
CVE-2011-3239 2 High
CVE-2011-3241 2 High
CVE-2011-3242 2 High
CVE-2011-3243 2 High
CVE-2011-3881 3 High
CVE-2011-3885 3 High
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple Safari
Tenable Network Security 8
CVE Total Severity
CVE-2011-3887 3 High
CVE-2011-3888 3 High
CVE-2011-3897 3 High
CVE-2011-3908 3 High
CVE-2011-3909 3 High
CVE-2011-3928 3 High
CVE-2012-0584 3 High
CVE-2012-0585 3 High
CVE-2012-0586 3 High
CVE-2012-0587 3 High
CVE-2012-0589 3 High
CVE-2012-0590 3 High
CVE-2012-0591 3 High
CVE-2012-0592 3 High
CVE-2012-0593 3 High
CVE-2012-0594 3 High
CVE-2012-0595 3 High
CVE-2012-0596 3 High
CVE-2012-0597 3 High
CVE-2012-0598 3 High
CVE-2012-0599 3 High
CVE-2012-0600 3 High
CVE-2012-0601 3 High
CVE-2012-0602 3 High
CVE-2012-0603 3 High
CVE-2012-0604 3 High
CVE-2012-0605 3 High
CVE-2012-0606 3 High
CVE-2012-0607 3 High
CVE-2012-0608 3 High
CVE-2012-0609 3 High
CVE-2012-0610 3 High
CVE-2012-0611 3 High
CVE-2012-0612 3 High
CVE-2012-0613 3 High
CVE-2012-0614 3 High
CVE-2012-0615 3 High
CVE-2012-0616 3 High
CVE-2012-0617 3 High
CVE-2012-0618 3 High
CVE-2012-0619 3 High
CVE-2012-0620 3 High
CVE-2012-0621 3 High
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple Safari
Tenable Network Security 9
CVE Total Severity
CVE-2012-0623 3 High
CVE-2012-0624 3 High
CVE-2012-0625 3 High
CVE-2012-0626 3 High
CVE-2012-0627 3 High
CVE-2012-0628 3 High
CVE-2012-0629 3 High
CVE-2012-0630 3 High
CVE-2012-0631 3 High
CVE-2012-0632 3 High
CVE-2012-0633 3 High
CVE-2012-0635 3 High
CVE-2012-0636 3 High
CVE-2012-0637 3 High
CVE-2012-0638 3 High
CVE-2012-0639 3 High
CVE-2012-0640 3 High
CVE-2012-0647 3 High
CVE-2012-0648 3 High
CVE-2012-0672 3 High
CVE-2012-0676 3 High
Vulnerabilities by Location - CVSS >= 4
Asset Total
HQ 2nd Floor 16
Wireless-Guest 2
Wireless-HQ 0
HQ 3rd Floor 0
HQ 1st Floor 0
HQ 4th Floor 0
Vulnerabilities by Subnet - CVSS >= 4
IP Address Total
10.200.0.0/24 16
192.168.2.0/24 2
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple Safari
Tenable Network Security 10
5 Day Vulnerability Trend by CVSS Ranges
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple QuickTime
Tenable Network Security 11
Apple QuickTime
Apple QuickTime Host Detection
IP Address NetBIOS Name DNS Name MAC Address
10.100.0.20 ITSDEPT\MM1015 mm1015.itsdept.com 00:11:24:c8:69:51
10.100.0.24 ITSDEPT\MM1018 mm1018.itsdept.com 00:11:24:c8:69:54
10.100.0.27 ITSDEPT\MM1019 mm1019.itsdept.com 00:11:24:c8:70:01
10.100.0.30 ITSDEPT\MM1023 mm1023.itsdept.com 00:11:24:c8:70:04
10.100.0.40 ITSDEPT\MM1036 mm1036.itsdept.com 00:11:24:c8:70:10
10.150.0.56 ITSDEPT\MM3062 mm3062.itsdept.com 00:11:24:c8:70:2b
192.168.1.13
192.168.2.72
Vulnerability Summary - CVSS >= 4
Plugin Total Severity Plugin Name Family
6052 4 HighQuickTime <7.7.1 MultipleVulnerabilities
Web Clients
6000 2 HighQuickTime <7.7 MultipleVulnerabilities
Web Clients
CVE Summary
CVE Total Severity
CVE-2011-0186 2 High
CVE-2011-0187 2 High
CVE-2011-0209 2 High
CVE-2011-0210 2 High
CVE-2011-0211 2 High
CVE-2011-0213 2 High
CVE-2011-0245 2 High
CVE-2011-0246 2 High
CVE-2011-0247 2 High
CVE-2011-0248 2 High
CVE-2011-0249 2 High
CVE-2011-0250 2 High
CVE-2011-0251 2 High
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple QuickTime
Tenable Network Security 12
CVE Total Severity
CVE-2011-0252 2 High
CVE-2011-3218 4 High
CVE-2011-3219 4 High
CVE-2011-3220 4 High
CVE-2011-3221 4 High
CVE-2011-3222 4 High
CVE-2011-3223 4 High
CVE-2011-3228 4 High
CVE-2011-3247 4 High
CVE-2011-3248 4 High
CVE-2011-3249 4 High
CVE-2011-3250 4 High
CVE-2011-3251 4 High
Vulnerabilities by Location - CVSS >= 4
Asset Total
HQ 1st Floor 2
HQ 3rd Floor 2
Wireless-Guest 1
Wireless-HQ 1
HQ 4th Floor 0
HQ 2nd Floor 0
Vulnerabilities by Subnet - CVSS >= 4
IP Address Total
10.150.0.0/24 2
10.100.0.0/24 2
192.168.2.0/24 1
192.168.1.0/24 1
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple QuickTime
Tenable Network Security 13
5 Day Vulnerability Trend by CVSS Ranges
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple iTunes
Tenable Network Security 14
Apple iTunes
Apple iTunes Host Detection
IP Address NetBIOS Name DNS Name MAC Address
10.100.0.20 ITSDEPT\MM1015 mm1015.itsdept.com 00:11:24:c8:69:51
10.100.0.24 ITSDEPT\MM1018 mm1018.itsdept.com 00:11:24:c8:69:54
10.100.0.27 ITSDEPT\MM1019 mm1019.itsdept.com 00:11:24:c8:70:01
10.100.0.30 ITSDEPT\MM1023 mm1023.itsdept.com 00:11:24:c8:70:04
10.200.0.15 ITSDEPT\DT1008 dt1008.itsdept.com 08:00:27:41:88:f2
Vulnerability Summary - CVSS >= 4
Plugin Total Severity Plugin Name Family
6345 5 HighiTunes <10.6 MultipleVulnerabilities
Web Clients
6098 5 High
iTunes < 10.5.1Update AuthenticityVerificationWeakness
Web Clients
6037 1 HighiTunes <10.5 MultipleVulnerabilities
Web Clients
5894 1 HighiTunes <10.2.2 MultipleVulnerabilities
Web Clients
5806 1 HighiTunes <10.2 MultipleVulnerabilities
Web Clients
CVE Summary
CVE Total Severity
CVE-2010-1205 1 High
CVE-2010-1823 1 High
CVE-2010-1824 1 High
CVE-2010-2249 1 High
CVE-2010-4008 1 High
CVE-2010-4494 1 High
CVE-2011-0111 1 High
CVE-2011-0112 1 High
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple iTunes
Tenable Network Security 15
CVE Total Severity
CVE-2011-0113 1 High
CVE-2011-0114 1 High
CVE-2011-0115 1 High
CVE-2011-0116 1 High
CVE-2011-0117 1 High
CVE-2011-0118 1 High
CVE-2011-0119 1 High
CVE-2011-0120 1 High
CVE-2011-0121 1 High
CVE-2011-0122 1 High
CVE-2011-0123 1 High
CVE-2011-0124 1 High
CVE-2011-0125 1 High
CVE-2011-0126 1 High
CVE-2011-0127 1 High
CVE-2011-0128 1 High
CVE-2011-0129 1 High
CVE-2011-0130 1 High
CVE-2011-0131 1 High
CVE-2011-0132 1 High
CVE-2011-0133 1 High
CVE-2011-0134 1 High
CVE-2011-0135 1 High
CVE-2011-0136 1 High
CVE-2011-0137 1 High
CVE-2011-0138 1 High
CVE-2011-0139 1 High
CVE-2011-0140 1 High
CVE-2011-0141 1 High
CVE-2011-0142 1 High
CVE-2011-0143 1 High
CVE-2011-0144 1 High
CVE-2011-0145 1 High
CVE-2011-0146 1 High
CVE-2011-0147 1 High
CVE-2011-0148 1 High
CVE-2011-0149 1 High
CVE-2011-0150 1 High
CVE-2011-0151 1 High
CVE-2011-0152 1 High
CVE-2011-0153 1 High
CVE-2011-0154 1 High
CVE-2011-0155 1 High
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple iTunes
Tenable Network Security 16
CVE Total Severity
CVE-2011-0156 1 High
CVE-2011-0164 2 High
CVE-2011-0165 1 High
CVE-2011-0168 1 High
CVE-2011-0170 1 High
CVE-2011-0191 1 High
CVE-2011-0192 1 High
CVE-2011-0200 1 High
CVE-2011-0204 1 High
CVE-2011-0215 1 High
CVE-2011-0218 1 High
CVE-2011-0221 1 High
CVE-2011-0222 1 High
CVE-2011-0223 1 High
CVE-2011-0225 1 High
CVE-2011-0232 1 High
CVE-2011-0233 1 High
CVE-2011-0234 1 High
CVE-2011-0235 1 High
CVE-2011-0237 1 High
CVE-2011-0238 1 High
CVE-2011-0240 1 High
CVE-2011-0253 1 High
CVE-2011-0254 1 High
CVE-2011-0255 1 High
CVE-2011-0259 1 High
CVE-2011-0981 1 High
CVE-2011-0983 1 High
CVE-2011-1109 1 High
CVE-2011-1114 1 High
CVE-2011-1115 1 High
CVE-2011-1117 1 High
CVE-2011-1121 1 High
CVE-2011-1188 1 High
CVE-2011-1203 1 High
CVE-2011-1204 1 High
CVE-2011-1288 1 High
CVE-2011-1290 1 High
CVE-2011-1293 1 High
CVE-2011-1296 1 High
CVE-2011-1344 1 High
CVE-2011-1440 1 High
CVE-2011-1449 1 High
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple iTunes
Tenable Network Security 17
CVE Total Severity
CVE-2011-1451 1 High
CVE-2011-1453 1 High
CVE-2011-1457 1 High
CVE-2011-1462 1 High
CVE-2011-1774 1 High
CVE-2011-1797 1 High
CVE-2011-2338 1 High
CVE-2011-2339 1 High
CVE-2011-2341 1 High
CVE-2011-2351 1 High
CVE-2011-2352 1 High
CVE-2011-2354 1 High
CVE-2011-2356 1 High
CVE-2011-2359 1 High
CVE-2011-2788 1 High
CVE-2011-2790 1 High
CVE-2011-2792 1 High
CVE-2011-2797 1 High
CVE-2011-2799 1 High
CVE-2011-2809 1 High
CVE-2011-2811 1 High
CVE-2011-2813 1 High
CVE-2011-2814 1 High
CVE-2011-2815 1 High
CVE-2011-2816 1 High
CVE-2011-2817 1 High
CVE-2011-2818 1 High
CVE-2011-2820 1 High
CVE-2011-2823 1 High
CVE-2011-2827 1 High
CVE-2011-2831 1 High
CVE-2011-3219 1 High
CVE-2011-3232 1 High
CVE-2011-3233 1 High
CVE-2011-3234 1 High
CVE-2011-3235 1 High
CVE-2011-3236 1 High
CVE-2011-3237 1 High
CVE-2011-3238 1 High
CVE-2011-3239 1 High
CVE-2011-3241 1 High
CVE-2011-3244 1 High
CVE-2011-3252 1 High
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple iTunes
Tenable Network Security 18
CVE Total Severity
CVE-2012-0593 5 High
CVE-2012-0594 5 High
CVE-2012-0595 5 High
CVE-2012-0596 5 High
CVE-2012-0597 5 High
CVE-2012-0598 5 High
CVE-2012-0599 5 High
CVE-2012-0600 5 High
CVE-2012-0601 5 High
CVE-2012-0602 5 High
CVE-2012-0603 5 High
CVE-2012-0604 5 High
CVE-2012-0605 5 High
CVE-2012-0606 5 High
CVE-2012-0607 5 High
CVE-2012-0608 5 High
CVE-2012-0609 5 High
CVE-2012-0610 5 High
CVE-2012-0611 5 High
CVE-2012-0612 5 High
CVE-2012-0613 5 High
CVE-2012-0614 5 High
CVE-2012-0615 5 High
CVE-2012-0616 5 High
CVE-2012-0617 5 High
CVE-2012-0618 5 High
CVE-2012-0619 5 High
CVE-2012-0620 5 High
CVE-2012-0621 5 High
CVE-2012-0622 5 High
CVE-2012-0623 5 High
CVE-2012-0624 5 High
CVE-2012-0625 5 High
CVE-2012-0626 5 High
CVE-2012-0627 5 High
CVE-2012-0628 5 High
CVE-2012-0629 5 High
CVE-2012-0630 5 High
CVE-2012-0631 5 High
CVE-2012-0632 5 High
CVE-2012-0633 5 High
CVE-2012-0634 5 High
CVE-2012-0635 5 High
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple iTunes
Tenable Network Security 19
CVE Total Severity
CVE-2012-0636 5 High
CVE-2012-0637 5 High
CVE-2012-0638 5 High
CVE-2012-0639 5 High
CVE-2012-0648 5 High
Vulnerabilities by Location - CVSS >= 4
Asset Total
HQ 1st Floor 8
HQ 2nd Floor 5
Wireless-Guest 0
Wireless-HQ 0
HQ 3rd Floor 0
HQ 4th Floor 0
Vulnerabilities by Subnet - CVSS >= 4
IP Address Total
10.100.0.0/24 8
10.200.0.0/24 5
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple iTunes
Tenable Network Security 20
5 Day Vulnerability Trend by CVSS Ranges
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple Safari, QuickTime and iTunes Vulnerabilities with Known Exploits Summary
Tenable Network Security 21
Apple Safari, QuickTime andiTunes Vulnerabilities withKnown Exploits Summary
5 Day Exploitable Vulnerability Trend - Medium, High & Critical VulnerabilitySeverity
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple Safari, QuickTime and iTunes Vulnerabilities with Known Exploits Summary
Tenable Network Security 22
Hosts with Safari Exploitable Vulnerabilities - Medium, High & Critical Vulnerability Severity
IP Address NetBIOS Name DNS Name MAC Address Med. High Crit.
10.200.0.5 ITSDEPT\DT1004 dt1004.itsdept.com 08:00:27:41:88:b7 0 3 0
10.200.0.18 ITSDEPT\DT1022 dt1022.itsdept.com 08:00:27:89:23:32 0 3 0
Hosts with QuickTime Exploitable Vulnerabilities - Medium, High & Critical Vulnerability Severity
IP Address NetBIOS Name DNS Name MAC Address Med. High Crit.
10.100.0.40 ITSDEPT\MM1036 mm1036.itsdept.com 00:11:24:c8:70:10 0 1 0
10.150.0.56 ITSDEPT\MM3062 mm3062.itsdept.com 00:11:24:c8:70:2b 0 1 0
Hosts with iTunes Exploitable Vulnerabilities - Medium, High & Critical Vulnerability Severity
IP Address NetBIOS Name DNS Name MAC Address Med. High Crit.
10.200.0.15 ITSDEPT\DT1008 dt1008.itsdept.com 08:00:27:41:88:f2 0 1 0
Safari Exploitable Vulnerability Summary - Medium, High and Critical Vulnerability Severity
Plugin Total Severity Plugin Name Family
6038 2 HighSafari <5.1.1 MultipleVulnerabilities
Web Clients
5992 2 HighSafari < 5.1 MultipleVulnerabilities
Web Clients
5655 2 HighSafari < 4.1.2 /5.0.2 MultipleVulnerabilities
Web Clients
QuickTime Exploitable Vulnerability Summary - Medium, High and Critical Vulnerability Severity
Plugin Total Severity Plugin Name Family
6000 2 HighQuickTime <7.7 MultipleVulnerabilities
Web Clients
Apple Safari, QuickTime and iTunes (PVS) SecurityCenter 4TENABLE NETWORK SECURITY INC., COPYRIGHT © 2012
Apple Safari, QuickTime and iTunes Vulnerabilities with Known Exploits Summary
Tenable Network Security 23
iTunes Exploitable Vulnerability Summary - Medium, High and Critical Vulnerability Severity
Plugin Total Severity Plugin Name Family
6037 1 HighiTunes <10.5 MultipleVulnerabilities
Web Clients