This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.
The remote host contains an application that is affected by a code
The version of iTunes on the remote host is prior to version 7.4. It
is, therefore, affected by a heap overflow vulnerability when it
parses specially crafted MP4/AAC files. By convincing a user into
opening such a file, a remote attacker can execute arbitrary code with
the same level of privileges as the user.
See also :
Upgrade to iTunes 7.4 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false
Family: Peer-To-Peer File Sharing
Nessus Plugin ID: 26000 (itunes_7_4_banner.nasl)
Bugtraq ID: 25567
CVE ID: CVE-2007-3752
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.