icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

iTunes (for OS X) < 11.1.4 Tutorials Content Injection

High

Synopsis

The remote host is running a multimedia application that contains a content injection vulnerability.

Description

Versions of iTunes earlier than 11.1.4 are affected by an error related to the iTunes Tutorial window that could allow an attacker in a privileged network location to inject content.

Solution

Upgrade to iTunes 11.1.4 or later.