Lucene search

[email protected]CVE-2011-3235

HistoryOct 12, 2011 - 6:55 p.m.

CVE-2011-3235

2011-10-1218:55:01

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-3235

webkit

apple itunes

code execution

denial of service

memory corruption

application crash

security vulnerability

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.009

Percentile

82.5%

JSON

WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.

Affected configurations

NVD

Node

appleitunesRange≤10.4.1

appleitunesMatch4.0.0

appleitunesMatch4.0.1

appleitunesMatch4.1.0

appleitunesMatch4.2.0

appleitunesMatch4.5.0

appleitunesMatch4.6.0

appleitunesMatch4.7.0

appleitunesMatch4.7.1

appleitunesMatch4.7.2

appleitunesMatch4.8.0

appleitunesMatch4.9.0

appleitunesMatch5.0.0

appleitunesMatch5.0.1

appleitunesMatch6.0.0

appleitunesMatch6.0.1

appleitunesMatch6.0.2

appleitunesMatch6.0.3

appleitunesMatch6.0.4

appleitunesMatch6.0.5

appleitunesMatch7.0.0

appleitunesMatch7.0.1

appleitunesMatch7.0.2

appleitunesMatch7.1.0

appleitunesMatch7.1.1

appleitunesMatch7.2.0

appleitunesMatch7.3.0

appleitunesMatch7.3.1

appleitunesMatch7.3.2

appleitunesMatch7.4.0

appleitunesMatch7.4.1

appleitunesMatch7.4.2

appleitunesMatch7.4.3

appleitunesMatch7.5.0

appleitunesMatch7.6.0

appleitunesMatch7.6.1

appleitunesMatch7.6.2

appleitunesMatch7.7.0

appleitunesMatch7.7.1

appleitunesMatch8.0.0

appleitunesMatch8.0.1

appleitunesMatch9.0.0

appleitunesMatch9.0.1

appleitunesMatch9.0.2

appleitunesMatch9.0.3

appleitunesMatch9.1

appleitunesMatch9.1.1

appleitunesMatch9.2

appleitunesMatch9.2.1

appleitunesMatch10.0

appleitunesMatch10.0.1

appleitunesMatch10.1

appleitunesMatch10.1.1

appleitunesMatch10.1.2

appleitunesMatch10.2

appleitunesMatch10.3

appleitunesMatch10.3.1

appleitunesMatch10.4

applewebkit

VendorProductVersionCPE
appleitunes10.3cpe:/a:apple:itunes:10.3:::
appleitunes7.4.2cpe:/a:apple:itunes:7.4.2:::
appleitunes10.4cpe:/a:apple:itunes:10.4:::
appleitunes6.0.2cpe:/a:apple:itunes:6.0.2:::
appleitunes5.0.0cpe:/a:apple:itunes:5.0.0:::
appleitunes7.3.1cpe:/a:apple:itunes:7.3.1:::
appleitunescpe:/a:apple:itunes::::
appleitunes6.0.3cpe:/a:apple:itunes:6.0.3:::
appleitunes6.0.5cpe:/a:apple:itunes:6.0.5:::
appleitunes7.6.0cpe:/a:apple:itunes:7.6.0:::

Vendor	Product	Version	CPE
apple	itunes	10.3	cpe:/a:apple:itunes:10.3:::
apple	itunes	7.4.2	cpe:/a:apple:itunes:7.4.2:::
apple	itunes	10.4	cpe:/a:apple:itunes:10.4:::
apple	itunes	6.0.2	cpe:/a:apple:itunes:6.0.2:::
apple	itunes	5.0.0	cpe:/a:apple:itunes:5.0.0:::
apple	itunes	7.3.1	cpe:/a:apple:itunes:7.3.1:::
apple	itunes		cpe:/a:apple:itunes::::
apple	itunes	6.0.3	cpe:/a:apple:itunes:6.0.3:::
apple	itunes	6.0.5	cpe:/a:apple:itunes:6.0.5:::
apple	itunes	7.6.0	cpe:/a:apple:itunes:7.6.0:::