CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
96.8%
According to its banner, the version of iTunes installed on the remote host is older than 8.1.
Such versions may be affected by multiple vulnerabilities :
It may be possible to cause a denial of service by sending a maliciously crafted DAAP header to the application. Note that this flaw only affects iTunes running on a Windows host. (CVE-2009-0016)
When subscribing to a podcast an authentication dialog may be presented without clarifying the origin of the authentication request. An attacker could exploit this flaw in order to steal the userβs iTunes credentials. (CVE-2009-0143)");
Binary data 4958.prm