The host is installed with Apple iTunes before 11.1.4 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle the contents of the iTunes Tutorials window. Successful exploitation allows attackers to gain control and inject arbitrary contents.