Lucene search
HistoryOct 14, 2011 - 10:55 a.m.
CVE-2011-3243
cve-2011-3243
cross-site scripting
xss
webkit
apple ios
safari
remote attackers
web script
html
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
68.5%
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script or HTML via vectors involving inactive DOM windows.
Affected configurations
Node
appleiphone_osMatch3.0-iphone
ORappleiphone_osMatch3.1
ORappleiphone_osMatch3.1-iphone
ORappleiphone_osMatch3.1-ipodtouch
ORappleiphone_osMatch3.1.2-iphone
ORappleiphone_osMatch3.1.3-iphone
ORappleiphone_osMatch3.2-iphone
ORappleiphone_osMatch3.2-ipodtouch
ORappleiphone_osMatch3.2.1
ORappleiphone_osMatch3.2.1-ipad
ORappleiphone_osMatch3.2.2
ORappleiphone_osMatch4.0
ORappleiphone_osMatch4.0-iphone
ORappleiphone_osMatch4.0-ipodtouch
ORappleiphone_osMatch4.0.1
ORappleiphone_osMatch4.0.1-iphone
ORappleiphone_osMatch4.0.1-ipodtouch
ORappleiphone_osMatch4.0.2
ORappleiphone_osMatch4.1
ORappleiphone_osMatch4.2.1
ORappleiphone_osMatch4.2.5
ORappleiphone_osMatch4.2.8
ORappleiphone_osMatch4.3.0
ORappleiphone_osMatch4.3.1
ORappleiphone_osMatch4.3.2
ORappleiphone_osMatch4.3.3
ORappleiphone_osMatch4.3.5
ORappleiphone_osMatch4.3.5-ipad
ORappleiphone_osMatch4.3.5-ipodtouch
Node
applesafari
ORapplesafariRange≤5.1
ORapplesafariMatch1.0
ORapplesafariMatch1.0beta
ORapplesafariMatch1.0beta2
ORapplesafariMatch1.0.0
ORapplesafariMatch1.0.0b1
ORapplesafariMatch1.0.0b2
ORapplesafariMatch1.0.1
ORapplesafariMatch1.0.2
ORapplesafariMatch1.0.3
ORapplesafariMatch1.0.385.8
ORapplesafariMatch1.0.385.8.1
ORapplesafariMatch1.0b1-mac
ORapplesafariMatch1.1
ORapplesafariMatch1.1.0
ORapplesafariMatch1.1.1
ORapplesafariMatch1.2
ORapplesafariMatch1.2.0
ORapplesafariMatch1.2.1
ORapplesafariMatch1.2.2
ORapplesafariMatch1.2.3
ORapplesafariMatch1.2.4
ORapplesafariMatch1.2.5
ORapplesafariMatch1.3
ORapplesafariMatch1.3.0
ORapplesafariMatch1.3.1
ORapplesafariMatch1.3.2
ORapplesafariMatch1.3.2312.5
ORapplesafariMatch1.3.2312.6
ORapplesafariMatch2
ORapplesafariMatch2.0
ORapplesafariMatch2.0.0
ORapplesafariMatch2.0.1
ORapplesafariMatch2.0.2
ORapplesafariMatch2.0.3
ORapplesafariMatch2.0.3417.8
ORapplesafariMatch2.0.3417.9
ORapplesafariMatch2.0.3417.9.2
ORapplesafariMatch2.0.3417.9.3
ORapplesafariMatch2.0.4
ORapplesafariMatch2.0.4-mac
ORapplesafariMatch3
ORapplesafariMatch3.0
ORapplesafariMatch3.0.0
ORapplesafariMatch3.0.0-mac
ORapplesafariMatch3.0.0b
ORapplesafariMatch3.0.0b-windows
ORapplesafariMatch3.0.1
ORapplesafariMatch3.0.1-mac
ORapplesafariMatch3.0.1beta
ORapplesafariMatch3.0.1b
ORapplesafariMatch3.0.1b-windows
ORapplesafariMatch3.0.2
ORapplesafariMatch3.0.2-mac
ORapplesafariMatch3.0.2b
ORapplesafariMatch3.0.2b-windows
ORapplesafariMatch3.0.3
ORapplesafariMatch3.0.3-mac
ORapplesafariMatch3.0.3b
ORapplesafariMatch3.0.3b-windows
ORapplesafariMatch3.0.4
ORapplesafariMatch3.0.4-mac
ORapplesafariMatch3.0.4b
ORapplesafariMatch3.0.4b-windows
ORapplesafariMatch3.1.0
ORapplesafariMatch3.1.0-mac
ORapplesafariMatch3.1.0b
ORapplesafariMatch3.1.0b-windows
ORapplesafariMatch3.1.1
ORapplesafariMatch3.1.1b-windows
ORapplesafariMatch3.1.2
ORapplesafariMatch3.1.2b-windows
ORapplesafariMatch3.2.0
ORapplesafariMatch3.2.0b-windows
ORapplesafariMatch3.2.1
ORapplesafariMatch3.2.1b-windows
ORapplesafariMatch3.2.2
ORapplesafariMatch3.2.2b-windows
ORapplesafariMatch4.0
ORapplesafariMatch4.0beta
ORapplesafariMatch4.0.0b
ORapplesafariMatch4.0.1
ORapplesafariMatch4.0.2
ORapplesafariMatch4.0.3
ORapplesafariMatch4.0.4
ORapplesafariMatch4.0.5
ORapplesafariMatch4.1
ORapplesafariMatch4.1.1
ORapplesafariMatch4.1.2
ORapplesafariMatch5.0
ORapplesafariMatch5.0.1
ORapplesafariMatch5.0.2
ORapplesafariMatch5.0.3
ORapplesafariMatch5.0.4
ORapplesafariMatch5.0.5
ORapplesafariMatch5.0.6
References
Social References
More
Related
nvd
nvd
CVE-2011-3243
2011-10-14 10:55:09
ubuntucve
ubuntucve
CVE-2011-3243
2011-10-14 00:00:00
prion
prion
Cross site scripting
2011-10-14 10:55:00
cvelist
cvelist
CVE-2011-3243
2011-10-14 10:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities - Oct 2011 (Windows)
2012-05-24 00:00:00
Apple Safari Multiple Vulnerabilities (Oct 2011) - Windows
2012-05-24 00:00:00
Apple Mac OS X v10.6.8 Safari Multiple Vulnerabilities
2011-10-20 00:00:00
securityvulns
securityvulns
APPLE-SA-2011-10-12-4 Safari 5.1.1
2011-10-15 00:00:00
APPLE-SA-2011-10-12-1 iOS 5 Software Update
2011-10-15 00:00:00
Apple iPhone multiple security vulnerabilities
2011-10-16 00:00:00
nessus
nessus
Safari < 5.1.1 Multiple Vulnerabilities
2011-10-13 00:00:00
Mac OS X : Apple Safari < 5.1.1
2011-10-13 00:00:00
Apple iOS < 5.0 Multiple Vulnerabilities (BEAST)
2012-06-19 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
68.5%
Related for CVE-2011-3243