Summary
This host is installed with Apple iTunes and is prone to security bypass vulnerability.
Impact
Successful exploitation may allow an attacker to perform man-in-the-middle attacks and obtain sensitive information..
Impact Level: Application.
Solution
Upgrade to version 11.1.4 or later,
For updates refer to http://www.apple.com/itunes/download
Insight
The flaw exist due to iTunes Tutorials window, which uses a non-secure HTTP connection to retrieve content.
Affected
Apple iTunes before 11.1.4 on Mac OS X
Detection
Get the installed version of Apple iTunes and check the version is vulnerable or not.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-1242 -
CVSS Base Score: 5.8
AV:N/AC:M/Au:N/C:N/I:P/A:P
Related Vulnerabilities