iTunes < 11.1.4 Tutorials Content Injection (Mac OS X)
Medium Nessus Plugin ID 72106
SynopsisThe remote host contains a multimedia application that has a content injection vulnerability.
DescriptionThe version of iTunes installed on the remote Mac OS X host is a version prior to 11.1.4. It is, therefore, affected by an error related to the iTunes Tutorials window that could allow an attacker in a privileged network location to inject content.
SolutionUpgrade to iTunes 11.1.4 or later.