Home

CVE-2014-1242

Description

Apple iTunes before 11.1.4 uses HTTP for the iTunes Tutorials window, which allows man-in-the-middle attackers to spoof content by gaining control over the client-server data stream.

Risk Information

Base Score
5.3
MODERATE
Vector
AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.463

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Apple iTunes (X64) 11.0.2Windows
Multiple Vulnerabilities are affected in Apple iTunes 11.0.2Windows
Multiple Vulnerabilities are affected in Apple iTunes For Mac 11.0.2Mac
Multiple Vulnerabilities are affected in Apple iTunes For Mac 11.1.3Mac
Vulnerabilities CVE-2014-1242,CVE-2014-1347 are affected in Apple iTunes For Mac 11.0Mac
Vulnerabilities CVE-2014-1242,CVE-2014-1347 are affected in Apple iTunes For Mac 11.0.1Mac
Vulnerabilities CVE-2014-1242,CVE-2014-1347 are affected in Apple iTunes For Mac 11.0.3Mac
Vulnerabilities CVE-2014-1242,CVE-2014-1347 are affected in Apple iTunes For Mac 11.0.4Mac
Vulnerabilities CVE-2014-1242,CVE-2014-1347 are affected in Apple iTunes For Mac 11.0.5Mac
Vulnerabilities CVE-2014-1242,CVE-2014-1347 are affected in Apple iTunes For Mac 11.1Mac
Vulnerabilities CVE-2014-1242,CVE-2014-1347 are affected in Apple iTunes For Mac 11.1.1Mac
Vulnerabilities CVE-2014-1242,CVE-2014-1347 are affected in Apple iTunes For Mac 11.1.2Mac
Vulnerabilities CVE-2013-1035,CVE-2014-1242,CVE-2014-1347 are affected in Apple iTunes For Mac 11.0Mac
Vulnerabilities CVE-2013-1035,CVE-2014-1242,CVE-2014-1347 are affected in Apple iTunes For Mac 11.0.1Mac
Vulnerabilities CVE-2013-1035,CVE-2014-1242,CVE-2014-1347 are affected in Apple iTunes For Mac 11.0.3Mac
Vulnerabilities CVE-2013-1035,CVE-2014-1242,CVE-2014-1347 are affected in Apple iTunes For Mac 11.0.4Mac
Vulnerabilities CVE-2013-1035,CVE-2014-1242,CVE-2014-1347 are affected in Apple iTunes For Mac 11.0.5Mac

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234