This host is installed with Apple iTunes and is prone to security bypass vulnerability.

Successful exploitation may allow an attacker to perform man-in-the-middle attacks and obtain sensitive information.. Impact Level: Application.

Upgrade to version 11.1.4 or later, For updates refer to http://www.apple.com/itunes/download

The flaw exist due to iTunes Tutorials window, which uses a non-secure HTTP connection to retrieve content.

Apple iTunes before 11.1.4 on Windows

Get the installed version of Apple iTunes and check the version is vulnerable or not.

• http://support.apple.com/kb/HT6001
• http://xforce.iss.net/xforce/xfdb/90653

---

Updated on 2015-03-25