iTunes (for OS X) < 11.1.4 Tutorials Content Injection
PVS ID: 8096 FAMILY: Web Clients RISK: MEDIUM NESSUS ID:72106
Description: Synopsis :\n\nThe remote host is running a multimedia application that contains a content injection vulnerability.\n\nVersions of iTunes earlier than 11.1.4 are affected by an error related to the iTunes Tutorial window that could allow an attacker in a privileged network location to inject content.\n\nFor your information, the version of iTunes detected was: \n%L

Solution: Upgrade to iTunes 11.1.4 or later.

CVE-2014-1242


Copyright Tenable Network Security Inc. 2014