Apple · Itunes · CVE-2009-0143
**Name of the Vulnerable Software and Affected Versions**
Apple iTunes versions prior to 8.1
**Description**
The issue concerns a problem where the software does not properly inform the user about the origin of an authentication request. This makes it easier for remote podcast servers to trick a user into providing a `username` and `password` when subscribing to a crafted podcast.
**Recommendations**
For versions prior to 8.1, update to version 8.1 or later to resolve the issue.