This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.
The remote host contains an application that is affected by a code
The version of Apple iTunes on the remote host is prior to version
7.4. It is, therefore, affected by a heap overflow vulnerability when
it parses specially crafted MP4/AAC files. By convincing a user into
opening such a file, a remote attacker can execute arbitrary code with
the same level of privileges as the user.
See also :
Upgrade to Apple iTunes 7.4 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false
Family: Peer-To-Peer File Sharing
Nessus Plugin ID: 26000 (itunes_7_4_banner.nasl)
Bugtraq ID: 25567
CVE ID: CVE-2007-3752
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.