Lucene search

K
cve[email protected]CVE-2011-3235
HistoryOct 12, 2011 - 6:55 p.m.

CVE-2011-3235

2011-10-1218:55:01
CWE-119
web.nvd.nist.gov
27
cve-2011-3235
webkit
apple itunes
code execution
denial of service
memory corruption
application crash
security vulnerability

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.009

Percentile

82.5%

WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.

Affected configurations

NVD
Node
appleitunesRangeโ‰ค10.4.1
OR
appleitunesMatch4.0.0
OR
appleitunesMatch4.0.1
OR
appleitunesMatch4.1.0
OR
appleitunesMatch4.2.0
OR
appleitunesMatch4.5.0
OR
appleitunesMatch4.6.0
OR
appleitunesMatch4.7.0
OR
appleitunesMatch4.7.1
OR
appleitunesMatch4.7.2
OR
appleitunesMatch4.8.0
OR
appleitunesMatch4.9.0
OR
appleitunesMatch5.0.0
OR
appleitunesMatch5.0.1
OR
appleitunesMatch6.0.0
OR
appleitunesMatch6.0.1
OR
appleitunesMatch6.0.2
OR
appleitunesMatch6.0.3
OR
appleitunesMatch6.0.4
OR
appleitunesMatch6.0.5
OR
appleitunesMatch7.0.0
OR
appleitunesMatch7.0.1
OR
appleitunesMatch7.0.2
OR
appleitunesMatch7.1.0
OR
appleitunesMatch7.1.1
OR
appleitunesMatch7.2.0
OR
appleitunesMatch7.3.0
OR
appleitunesMatch7.3.1
OR
appleitunesMatch7.3.2
OR
appleitunesMatch7.4.0
OR
appleitunesMatch7.4.1
OR
appleitunesMatch7.4.2
OR
appleitunesMatch7.4.3
OR
appleitunesMatch7.5.0
OR
appleitunesMatch7.6.0
OR
appleitunesMatch7.6.1
OR
appleitunesMatch7.6.2
OR
appleitunesMatch7.7.0
OR
appleitunesMatch7.7.1
OR
appleitunesMatch8.0.0
OR
appleitunesMatch8.0.1
OR
appleitunesMatch9.0.0
OR
appleitunesMatch9.0.1
OR
appleitunesMatch9.0.2
OR
appleitunesMatch9.0.3
OR
appleitunesMatch9.1
OR
appleitunesMatch9.1.1
OR
appleitunesMatch9.2
OR
appleitunesMatch9.2.1
OR
appleitunesMatch10.0
OR
appleitunesMatch10.0.1
OR
appleitunesMatch10.1
OR
appleitunesMatch10.1.1
OR
appleitunesMatch10.1.2
OR
appleitunesMatch10.2
OR
appleitunesMatch10.3
OR
appleitunesMatch10.3.1
OR
appleitunesMatch10.4
OR
applewebkit
VendorProductVersionCPE
appleitunes10.3cpe:/a:apple:itunes:10.3:::
appleitunes7.4.2cpe:/a:apple:itunes:7.4.2:::
appleitunes10.4cpe:/a:apple:itunes:10.4:::
appleitunes6.0.2cpe:/a:apple:itunes:6.0.2:::
appleitunes5.0.0cpe:/a:apple:itunes:5.0.0:::
appleitunes7.3.1cpe:/a:apple:itunes:7.3.1:::
appleitunescpe:/a:apple:itunes::::
appleitunes6.0.3cpe:/a:apple:itunes:6.0.3:::
appleitunes6.0.5cpe:/a:apple:itunes:6.0.5:::
appleitunes7.6.0cpe:/a:apple:itunes:7.6.0:::
Rows per page:
1-10 of 591

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.009

Percentile

82.5%