iTunes < 12.0.1 Multiple Vulnerabilities
Critical Nessus Network Monitor Plugin ID 8561
SynopsisThe remote host is running a multimedia application that is unpatched for a number of vulnerabilities.
DescriptionVersions of iTunes earlier than 12.0.1 are missing updates that patch memory corruption vulnerabilities within WebKit, as well as a patch that fixes a man-in-the-middle vulnerability that affects encrypted connections to the iTunes Store via iTunes. The most severe of these vulnerabilites can result in arbitrary remote code execution or unexpected application termination.
SolutionUpgrade to iTunes 12.0.1 or later.