Lucene search
AppleCVE-2011-3443HistoryMar 02, 2012 - 12:55 a.m.
CVE-2011-3443
2012-03-0200:55:02
CWE-399
apple
web.nvd.nist.gov
25
webkit
apple safari
cve-2011-3443
vulnerability
remote attackers
arbitrary code
denial of service
heap memory corruption
application crash
cascading style sheets
css
@font-face rules
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
High
EPSS
0.02
Percentile
89.2%
Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors related to improper list management for Cascading Style Sheets (CSS) @font-face rules.
Affected configurations
Node
applesafariRange≤5.0.5
ORapplesafariMatch1.0
ORapplesafariMatch1.0beta
ORapplesafariMatch1.0beta2
ORapplesafariMatch1.0.0
ORapplesafariMatch1.0.0b1
ORapplesafariMatch1.0.0b2
ORapplesafariMatch1.0.1
ORapplesafariMatch1.0.2
ORapplesafariMatch1.0.3
ORapplesafariMatch1.0.385.8
ORapplesafariMatch1.0.385.8.1
ORapplesafariMatch1.0b1-mac
ORapplesafariMatch1.1
ORapplesafariMatch1.1.0
ORapplesafariMatch1.1.1
ORapplesafariMatch1.2
ORapplesafariMatch1.2.0
ORapplesafariMatch1.2.1
ORapplesafariMatch1.2.2
ORapplesafariMatch1.2.3
ORapplesafariMatch1.2.4
ORapplesafariMatch1.2.5
ORapplesafariMatch1.3
ORapplesafariMatch1.3.0
ORapplesafariMatch1.3.1
ORapplesafariMatch1.3.2
ORapplesafariMatch1.3.2312.5
ORapplesafariMatch1.3.2312.6
ORapplesafariMatch2.0
ORapplesafariMatch2.0.0
ORapplesafariMatch2.0.1
ORapplesafariMatch2.0.2
ORapplesafariMatch2.0.3
ORapplesafariMatch2.0.3417.8
ORapplesafariMatch2.0.3417.9
ORapplesafariMatch2.0.3417.9.2
ORapplesafariMatch2.0.3417.9.3
ORapplesafariMatch2.0.4
ORapplesafariMatch2.0.4-mac
ORapplesafariMatch3.0
ORapplesafariMatch3.0.0
ORapplesafariMatch3.0.0-mac
ORapplesafariMatch3.0.0b
ORapplesafariMatch3.0.0b-windows
ORapplesafariMatch3.0.1
ORapplesafariMatch3.0.1-mac
ORapplesafariMatch3.0.1beta
ORapplesafariMatch3.0.1b
ORapplesafariMatch3.0.1b-windows
ORapplesafariMatch3.0.2
ORapplesafariMatch3.0.2-mac
ORapplesafariMatch3.0.2b
ORapplesafariMatch3.0.2b-windows
ORapplesafariMatch3.0.3
ORapplesafariMatch3.0.3-mac
ORapplesafariMatch3.0.3b
ORapplesafariMatch3.0.3b-windows
ORapplesafariMatch3.0.4
ORapplesafariMatch3.0.4-mac
ORapplesafariMatch3.0.4b
ORapplesafariMatch3.0.4b-windows
ORapplesafariMatch3.1.0
ORapplesafariMatch3.1.0-mac
ORapplesafariMatch3.1.0b
ORapplesafariMatch3.1.0b-windows
ORapplesafariMatch3.1.1
ORapplesafariMatch3.1.1b-windows
ORapplesafariMatch3.1.2
ORapplesafariMatch3.1.2b-windows
ORapplesafariMatch3.2.0
ORapplesafariMatch3.2.0b-windows
ORapplesafariMatch3.2.1
ORapplesafariMatch3.2.1b-windows
ORapplesafariMatch3.2.2
ORapplesafariMatch3.2.2b-windows
ORapplesafariMatch4.0
ORapplesafariMatch4.0beta
ORapplesafariMatch4.0.0b
ORapplesafariMatch4.0.1
ORapplesafariMatch4.0.2
ORapplesafariMatch4.0.3
ORapplesafariMatch4.0.4
ORapplesafariMatch4.0.5
ORapplesafariMatch4.1
ORapplesafariMatch4.1.1
ORapplesafariMatch4.1.2
ORapplesafariMatch5.0.1
ORapplesafariMatch5.0.2
ORapplesafariMatch5.0.3
ORapplesafariMatch5.0.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apple | safari | * | cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* |
| apple | safari | 1.0 | cpe:2.3:a:apple:safari:1.0:*:*:*:*:*:*:* |
| apple | safari | 1.0 | cpe:2.3:a:apple:safari:1.0:beta:*:*:*:*:*:* |
| apple | safari | 1.0 | cpe:2.3:a:apple:safari:1.0:beta2:*:*:*:*:*:* |
| apple | safari | 1.0.0 | cpe:2.3:a:apple:safari:1.0.0:*:*:*:*:*:*:* |
| apple | safari | 1.0.0b1 | cpe:2.3:a:apple:safari:1.0.0b1:*:*:*:*:*:*:* |
| apple | safari | 1.0.0b2 | cpe:2.3:a:apple:safari:1.0.0b2:*:*:*:*:*:*:* |
| apple | safari | 1.0.1 | cpe:2.3:a:apple:safari:1.0.1:*:*:*:*:*:*:* |
| apple | safari | 1.0.2 | cpe:2.3:a:apple:safari:1.0.2:*:*:*:*:*:*:* |
| apple | safari | 1.0.3 | cpe:2.3:a:apple:safari:1.0.3:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2012-03-02 00:55:00
nvd
nvd
CVE-2011-3443
2012-03-02 00:55:02
ubuntucve
ubuntucve
CVE-2011-3443
2012-03-02 00:00:00
cvelist
cvelist
CVE-2011-3443
2012-03-02 00:00:00
openvas
openvas
Apple Safari Multiple Vulnerabilities (Jul 2011) - Mac OS X
2011-08-12 00:00:00
Apple Safari Multiple Vulnerabilities - July 2011 (Mac OS X)
2011-08-12 00:00:00
Apple Safari Multiple Vulnerabilities - July 2011
2011-07-27 00:00:00
nessus
nessus
Safari < 5.1 Multiple Vulnerabilities
2011-07-21 00:00:00
Mac OS X : Apple Safari < 5.1 / 5.0.6
2011-07-21 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
High
EPSS
0.02
Percentile
89.2%
Related for CVE-2011-3443