Lucene search

K
cve[email protected]CVE-2011-3218
HistoryOct 14, 2011 - 10:55 a.m.

CVE-2011-3218

2011-10-1410:55:08
CWE-79
web.nvd.nist.gov
34
cve-2011-3218
quicktime
apple
mac os x
xss
cross-site scripting
man-in-the-middle
local viewing
exported document
nvd

7.2 High

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

51.3%

The “Save for Web” selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by spoofing the http server during local viewing of an exported document.

Affected configurations

NVD
Node
applemac_os_xRange10.6.8
OR
applemac_os_xMatch10.0
OR
applemac_os_xMatch10.0.0
OR
applemac_os_xMatch10.0.1
OR
applemac_os_xMatch10.0.2
OR
applemac_os_xMatch10.0.3
OR
applemac_os_xMatch10.0.4
OR
applemac_os_xMatch10.1
OR
applemac_os_xMatch10.1.0
OR
applemac_os_xMatch10.1.1
OR
applemac_os_xMatch10.1.2
OR
applemac_os_xMatch10.1.3
OR
applemac_os_xMatch10.1.4
OR
applemac_os_xMatch10.1.5
OR
applemac_os_xMatch10.2
OR
applemac_os_xMatch10.2.0
OR
applemac_os_xMatch10.2.1
OR
applemac_os_xMatch10.2.2
OR
applemac_os_xMatch10.2.3
OR
applemac_os_xMatch10.2.4
OR
applemac_os_xMatch10.2.5
OR
applemac_os_xMatch10.2.6
OR
applemac_os_xMatch10.2.7
OR
applemac_os_xMatch10.2.8
OR
applemac_os_xMatch10.3
OR
applemac_os_xMatch10.3.0
OR
applemac_os_xMatch10.3.1
OR
applemac_os_xMatch10.3.2
OR
applemac_os_xMatch10.3.3
OR
applemac_os_xMatch10.3.4
OR
applemac_os_xMatch10.3.5
OR
applemac_os_xMatch10.3.6
OR
applemac_os_xMatch10.3.7
OR
applemac_os_xMatch10.3.8
OR
applemac_os_xMatch10.3.9
OR
applemac_os_xMatch10.4
OR
applemac_os_xMatch10.4.0
OR
applemac_os_xMatch10.4.1
OR
applemac_os_xMatch10.4.2
OR
applemac_os_xMatch10.4.3
OR
applemac_os_xMatch10.4.4
OR
applemac_os_xMatch10.4.5
OR
applemac_os_xMatch10.4.6
OR
applemac_os_xMatch10.4.7
OR
applemac_os_xMatch10.4.8
OR
applemac_os_xMatch10.4.9
OR
applemac_os_xMatch10.4.10
OR
applemac_os_xMatch10.4.11
OR
applemac_os_xMatch10.5
OR
applemac_os_xMatch10.5.0
OR
applemac_os_xMatch10.5.1
OR
applemac_os_xMatch10.5.2
OR
applemac_os_xMatch10.5.3
OR
applemac_os_xMatch10.5.4
OR
applemac_os_xMatch10.5.5
OR
applemac_os_xMatch10.5.6
OR
applemac_os_xMatch10.5.7
OR
applemac_os_xMatch10.5.8
OR
applemac_os_xMatch10.6.0
OR
applemac_os_xMatch10.6.1
OR
applemac_os_xMatch10.6.2
OR
applemac_os_xMatch10.6.3
OR
applemac_os_xMatch10.6.4
OR
applemac_os_xMatch10.6.5
OR
applemac_os_xMatch10.6.6
OR
applemac_os_xMatch10.6.7
OR
applemac_os_x_serverRange10.6.8
OR
applemac_os_x_serverMatch10.0
OR
applemac_os_x_serverMatch10.0.0
OR
applemac_os_x_serverMatch10.0.1
OR
applemac_os_x_serverMatch10.0.2
OR
applemac_os_x_serverMatch10.0.3
OR
applemac_os_x_serverMatch10.0.4
OR
applemac_os_x_serverMatch10.1
OR
applemac_os_x_serverMatch10.1.0
OR
applemac_os_x_serverMatch10.1.1
OR
applemac_os_x_serverMatch10.1.2
OR
applemac_os_x_serverMatch10.1.3
OR
applemac_os_x_serverMatch10.1.4
OR
applemac_os_x_serverMatch10.1.5
OR
applemac_os_x_serverMatch10.2
OR
applemac_os_x_serverMatch10.2.0
OR
applemac_os_x_serverMatch10.2.1
OR
applemac_os_x_serverMatch10.2.2
OR
applemac_os_x_serverMatch10.2.3
OR
applemac_os_x_serverMatch10.2.4
OR
applemac_os_x_serverMatch10.2.5
OR
applemac_os_x_serverMatch10.2.6
OR
applemac_os_x_serverMatch10.2.7
OR
applemac_os_x_serverMatch10.2.8
OR
applemac_os_x_serverMatch10.3
OR
applemac_os_x_serverMatch10.3.0
OR
applemac_os_x_serverMatch10.3.1
OR
applemac_os_x_serverMatch10.3.2
OR
applemac_os_x_serverMatch10.3.3
OR
applemac_os_x_serverMatch10.3.4
OR
applemac_os_x_serverMatch10.3.5
OR
applemac_os_x_serverMatch10.3.6
OR
applemac_os_x_serverMatch10.3.7
OR
applemac_os_x_serverMatch10.3.8
OR
applemac_os_x_serverMatch10.3.9
OR
applemac_os_x_serverMatch10.4
OR
applemac_os_x_serverMatch10.4.0
OR
applemac_os_x_serverMatch10.4.1
OR
applemac_os_x_serverMatch10.4.2
OR
applemac_os_x_serverMatch10.4.3
OR
applemac_os_x_serverMatch10.4.4
OR
applemac_os_x_serverMatch10.4.5
OR
applemac_os_x_serverMatch10.4.6
OR
applemac_os_x_serverMatch10.4.7
OR
applemac_os_x_serverMatch10.4.8
OR
applemac_os_x_serverMatch10.4.9
OR
applemac_os_x_serverMatch10.4.10
OR
applemac_os_x_serverMatch10.4.11
OR
applemac_os_x_serverMatch10.5
OR
applemac_os_x_serverMatch10.5.0
OR
applemac_os_x_serverMatch10.5.1
OR
applemac_os_x_serverMatch10.5.2
OR
applemac_os_x_serverMatch10.5.3
OR
applemac_os_x_serverMatch10.5.4
OR
applemac_os_x_serverMatch10.5.5
OR
applemac_os_x_serverMatch10.5.6
OR
applemac_os_x_serverMatch10.5.7
OR
applemac_os_x_serverMatch10.5.8
OR
applemac_os_x_serverMatch10.6.0
OR
applemac_os_x_serverMatch10.6.1
OR
applemac_os_x_serverMatch10.6.2
OR
applemac_os_x_serverMatch10.6.3
OR
applemac_os_x_serverMatch10.6.4
OR
applemac_os_x_serverMatch10.6.5
OR
applemac_os_x_serverMatch10.6.6
OR
applemac_os_x_serverMatch10.6.7

7.2 High

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

51.3%