Lucene search

AppleCVE-2011-0155

HistoryMar 03, 2011 - 8:00 p.m.

CVE-2011-0155

2011-03-0320:00:02

CWE-119

apple

web.nvd.nist.gov

cve-2011-0155

webkit

apple itunes

arbitrary code execution

memory corruption

denial of service

nvd

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

9.2

Confidence

High

EPSS

0.004

Percentile

73.2%

JSON

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Affected configurations

Nvd

Node

appleitunesRange≤10.1.2

appleitunesMatch4.0.0

appleitunesMatch4.0.1

appleitunesMatch4.1.0

appleitunesMatch4.2.0

appleitunesMatch4.5

appleitunesMatch4.5.0

appleitunesMatch4.6

appleitunesMatch4.6.0

appleitunesMatch4.7

appleitunesMatch4.7.0

appleitunesMatch4.7.1

appleitunesMatch4.7.2

appleitunesMatch4.8.0

appleitunesMatch4.9.0

appleitunesMatch5.0

appleitunesMatch5.0.0

appleitunesMatch5.0.1

appleitunesMatch6.0.0

appleitunesMatch6.0.1

appleitunesMatch6.0.2

appleitunesMatch6.0.3

appleitunesMatch6.0.4

appleitunesMatch6.0.4.2

appleitunesMatch6.0.5

appleitunesMatch7.0.0

appleitunesMatch7.0.1

appleitunesMatch7.0.2

appleitunesMatch7.1.0

appleitunesMatch7.1.1

appleitunesMatch7.2.0

appleitunesMatch7.3.0

appleitunesMatch7.3.1

appleitunesMatch7.3.2

appleitunesMatch7.4

appleitunesMatch7.4.0

appleitunesMatch7.4.1

appleitunesMatch7.4.2

appleitunesMatch7.4.3

appleitunesMatch7.5

appleitunesMatch7.5.0

appleitunesMatch7.6

appleitunesMatch7.6.0

appleitunesMatch7.6.1

appleitunesMatch7.6.2

appleitunesMatch7.7

appleitunesMatch7.7.0

appleitunesMatch7.7.1

appleitunesMatch8.0.0

appleitunesMatch8.0.1

appleitunesMatch8.0.2

appleitunesMatch8.1

appleitunesMatch8.1.1

appleitunesMatch8.2

appleitunesMatch8.2.1

appleitunesMatch9.0.0

appleitunesMatch9.0.1

appleitunesMatch9.0.2

appleitunesMatch9.0.3

appleitunesMatch9.2

appleitunesMatch9.2.1

appleitunesMatch10.0

appleitunesMatch10.0.1

appleitunesMatch10.1

appleitunesMatch10.1.1

applewebkit

AND

microsoftwindows

microsoftwindows_7

microsoftwindows_vista

microsoftwindows_vistasp1

microsoftwindows_vistasp2

microsoftwindows_xpsp2

microsoftwindows_xpsp3

VendorProductVersionCPE
appleitunes*cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*
appleitunes4.0.0cpe:2.3:a:apple:itunes:4.0.0:*:*:*:*:*:*:*
appleitunes4.0.1cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*
appleitunes4.1.0cpe:2.3:a:apple:itunes:4.1.0:*:*:*:*:*:*:*
appleitunes4.2.0cpe:2.3:a:apple:itunes:4.2.0:*:*:*:*:*:*:*
appleitunes4.5cpe:2.3:a:apple:itunes:4.5:*:*:*:*:*:*:*
appleitunes4.5.0cpe:2.3:a:apple:itunes:4.5.0:*:*:*:*:*:*:*
appleitunes4.6cpe:2.3:a:apple:itunes:4.6:*:*:*:*:*:*:*
appleitunes4.6.0cpe:2.3:a:apple:itunes:4.6.0:*:*:*:*:*:*:*
appleitunes4.7cpe:2.3:a:apple:itunes:4.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apple	itunes	*	cpe:2.3:a:apple:itunes::::::::
apple	itunes	4.0.0	cpe:2.3:a:apple:itunes:4.0.0:::::::*
apple	itunes	4.0.1	cpe:2.3:a:apple:itunes:4.0.1:::::::*
apple	itunes	4.1.0	cpe:2.3:a:apple:itunes:4.1.0:::::::*
apple	itunes	4.2.0	cpe:2.3:a:apple:itunes:4.2.0:::::::*
apple	itunes	4.5	cpe:2.3:a:apple:itunes:4.5:::::::*
apple	itunes	4.5.0	cpe:2.3:a:apple:itunes:4.5.0:::::::*
apple	itunes	4.6	cpe:2.3:a:apple:itunes:4.6:::::::*
apple	itunes	4.6.0	cpe:2.3:a:apple:itunes:4.6.0:::::::*
apple	itunes	4.7	cpe:2.3:a:apple:itunes:4.7:::::::*