This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.
The remote host contains an application that is susceptible to a
The version of Apple iTunes on the remote host is prior to version
10.5.1. It is, therefore, affected by a man-in-the-middle
vulnerability due to using unsecured HTTP connections when checking
for or retrieving software updates. A remote attacker can exploit this
to execute arbitrary code by means of a trojan horse update that
appears to originate from Apple.
See also :
Upgrade to Apple iTunes 10.5.1 or later.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : true