Apple Itunes 12.9 For Windows vulnerabilities

CVE-2018-4299 [HIGH] CVE-2018-4299: iTunes 12.9 for Windows Apple Security Update: About the security content of iTunes 12.9 for Windows Product: iTunes 12.9 for Windows CVE: CVE-2018-4299 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2018-4318 [HIGH] CVE-2018-4318: iTunes 12.9 for Windows Apple Security Update: About the security content of iTunes 12.9 for Windows Product: iTunes 12.9 for Windows CVE: CVE-2018-4318 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management.

CVE-2018-4347 [HIGH] CVE-2018-4347: iTunes 12.9 for Windows Apple Security Update: About the security content of iTunes 12.9 for Windows Product: iTunes 12.9 for Windows CVE: CVE-2018-4347 Component: CoreText Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management.

CVE-2018-4309 [MEDIUM] CVE-2018-4309: iTunes 12.9 for Windows Apple Security Update: About the security content of iTunes 12.9 for Windows Product: iTunes 12.9 for Windows CVE: CVE-2018-4309 Component: WebKit Impact: A malicious website may be able to execute scripts in the context of another website Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.

CVE-2018-4345 [MEDIUM] CVE-2018-4345: iTunes 12.9 for Windows Apple Security Update: About the security content of iTunes 12.9 for Windows Product: iTunes 12.9 for Windows CVE: CVE-2018-4345 Component: WebKit Impact: A malicious website may exfiltrate image data cross-origin Description: A cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation.