Lucene search

[email protected]CVE-2011-2817

HistoryOct 12, 2011 - 6:55 p.m.

CVE-2011-2817

2011-10-1218:55:01

CWE-119

[email protected]

web.nvd.nist.gov

cve

2011

2817

webkit

apple itunes

vulnerability

man-in-the-middle

arbitrary code

denial of service

memory corruption

application crash

nvd

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.0%

JSON

WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.

Affected configurations

NVD

Node

appleitunesRange≤10.4.1

appleitunesMatch4.0.0

appleitunesMatch4.0.1

appleitunesMatch4.1.0

appleitunesMatch4.2.0

appleitunesMatch4.5.0

appleitunesMatch4.6.0

appleitunesMatch4.7.0

appleitunesMatch4.7.1

appleitunesMatch4.7.2

appleitunesMatch4.8.0

appleitunesMatch4.9.0

appleitunesMatch5.0.0

appleitunesMatch5.0.1

appleitunesMatch6.0.0

appleitunesMatch6.0.1

appleitunesMatch6.0.2

appleitunesMatch6.0.3

appleitunesMatch6.0.4

appleitunesMatch6.0.5

appleitunesMatch7.0.0

appleitunesMatch7.0.1

appleitunesMatch7.0.2

appleitunesMatch7.1.0

appleitunesMatch7.1.1

appleitunesMatch7.2.0

appleitunesMatch7.3.0

appleitunesMatch7.3.1

appleitunesMatch7.3.2

appleitunesMatch7.4.0

appleitunesMatch7.4.1

appleitunesMatch7.4.2

appleitunesMatch7.4.3

appleitunesMatch7.5.0

appleitunesMatch7.6.0

appleitunesMatch7.6.1

appleitunesMatch7.6.2

appleitunesMatch7.7.0

appleitunesMatch7.7.1

appleitunesMatch8.0.0

appleitunesMatch8.0.1

appleitunesMatch9.0.0

appleitunesMatch9.0.1

appleitunesMatch9.0.2

appleitunesMatch9.0.3

appleitunesMatch9.1

appleitunesMatch9.1.1

appleitunesMatch9.2

appleitunesMatch9.2.1

appleitunesMatch10.0

appleitunesMatch10.0.1

appleitunesMatch10.1

appleitunesMatch10.1.1

appleitunesMatch10.1.2

appleitunesMatch10.2

appleitunesMatch10.3

appleitunesMatch10.3.1

appleitunesMatch10.4

applewebkit

CPENameOperatorVersion
apple:itunesapple itunesle10.4.1
apple:itunesapple ituneseq4.0.0
apple:itunesapple ituneseq4.0.1
apple:itunesapple ituneseq4.1.0
apple:itunesapple ituneseq4.2.0
apple:itunesapple ituneseq4.5.0
apple:itunesapple ituneseq4.6.0
apple:itunesapple ituneseq4.7.0
apple:itunesapple ituneseq4.7.1
apple:itunesapple ituneseq4.7.2

CPE	Name	Operator	Version
apple:itunes	apple itunes	le	10.4.1
apple:itunes	apple itunes	eq	4.0.0
apple:itunes	apple itunes	eq	4.0.1
apple:itunes	apple itunes	eq	4.1.0
apple:itunes	apple itunes	eq	4.2.0
apple:itunes	apple itunes	eq	4.5.0
apple:itunes	apple itunes	eq	4.6.0
apple:itunes	apple itunes	eq	4.7.0
apple:itunes	apple itunes	eq	4.7.1
apple:itunes	apple itunes	eq	4.7.2