Lucene search
AppleCVE-2013-1010HistoryMay 20, 2013 - 2:44 p.m.
CVE-2013-1010
2013-05-2014:44:35
CWE-399
apple
web.nvd.nist.gov
34
cve-2013-1010
webkit
apple itunes
man-in-the-middle attack
memory corruption
denial of service
cve
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.004
Percentile
73.6%
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
Affected configurations
Node
appleiphone_osRange≤6.1.4
ORappleiphone_osMatch1.0.0
ORappleiphone_osMatch1.0.1
ORappleiphone_osMatch1.0.2
ORappleiphone_osMatch1.1.0
ORappleiphone_osMatch1.1.1
ORappleiphone_osMatch1.1.2
ORappleiphone_osMatch1.1.3
ORappleiphone_osMatch1.1.4
ORappleiphone_osMatch1.1.5
ORappleiphone_osMatch2.0
ORappleiphone_osMatch2.0.0
ORappleiphone_osMatch2.0.1
ORappleiphone_osMatch2.0.2
ORappleiphone_osMatch2.1
ORappleiphone_osMatch2.1.1
ORappleiphone_osMatch2.2
ORappleiphone_osMatch2.2.1
ORappleiphone_osMatch3.0
ORappleiphone_osMatch3.0.1
ORappleiphone_osMatch3.1
ORappleiphone_osMatch3.1.2
ORappleiphone_osMatch3.1.3
ORappleiphone_osMatch3.2
ORappleiphone_osMatch3.2.1
ORappleiphone_osMatch3.2.2
ORappleiphone_osMatch4.0
ORappleiphone_osMatch4.0.1
ORappleiphone_osMatch4.0.2
ORappleiphone_osMatch4.1
ORappleiphone_osMatch4.2.1
ORappleiphone_osMatch4.2.5
ORappleiphone_osMatch4.2.8
ORappleiphone_osMatch4.3.0
ORappleiphone_osMatch4.3.1
ORappleiphone_osMatch4.3.2
ORappleiphone_osMatch4.3.3
ORappleiphone_osMatch4.3.5
ORappleiphone_osMatch5.0
ORappleiphone_osMatch5.0.1
ORappleiphone_osMatch5.1
ORappleiphone_osMatch5.1.1
ORappleiphone_osMatch6.0
ORappleiphone_osMatch6.0.1
ORappleiphone_osMatch6.0.2
ORappleiphone_osMatch6.1
ORappleiphone_osMatch6.1.2
ORappleiphone_osMatch6.1.3
Node
appleitunesRange≤11.0.2
ORappleitunesMatch4.0.0
ORappleitunesMatch4.0.1
ORappleitunesMatch4.1.0
ORappleitunesMatch4.2.0
ORappleitunesMatch4.5
ORappleitunesMatch4.5.0
ORappleitunesMatch4.6
ORappleitunesMatch4.6.0
ORappleitunesMatch4.7
ORappleitunesMatch4.7.0
ORappleitunesMatch4.7.1
ORappleitunesMatch4.7.2
ORappleitunesMatch4.8.0
ORappleitunesMatch4.9.0
ORappleitunesMatch5.0
ORappleitunesMatch5.0.0
ORappleitunesMatch5.0.1
ORappleitunesMatch6.0.0
ORappleitunesMatch6.0.1
ORappleitunesMatch6.0.2
ORappleitunesMatch6.0.3
ORappleitunesMatch6.0.4
ORappleitunesMatch6.0.5
ORappleitunesMatch7.0.0
ORappleitunesMatch7.0.1
ORappleitunesMatch7.0.2
ORappleitunesMatch7.1.0
ORappleitunesMatch7.1.1
ORappleitunesMatch7.2.0
ORappleitunesMatch7.3.0
ORappleitunesMatch7.3.1
ORappleitunesMatch7.3.2
ORappleitunesMatch7.4
ORappleitunesMatch7.4.0
ORappleitunesMatch7.4.1
ORappleitunesMatch7.4.2
ORappleitunesMatch7.4.3
ORappleitunesMatch7.5
ORappleitunesMatch7.5.0
ORappleitunesMatch7.6
ORappleitunesMatch7.6.0
ORappleitunesMatch7.6.1
ORappleitunesMatch7.6.2
ORappleitunesMatch7.7
ORappleitunesMatch7.7.0
ORappleitunesMatch7.7.1
ORappleitunesMatch8.0.0
ORappleitunesMatch8.0.1
ORappleitunesMatch9.0.0
ORappleitunesMatch9.0.1
ORappleitunesMatch9.0.2
ORappleitunesMatch9.0.3
ORappleitunesMatch9.1
ORappleitunesMatch9.1.1
ORappleitunesMatch9.2
ORappleitunesMatch9.2.1
ORappleitunesMatch10.0
ORappleitunesMatch10.0.1
ORappleitunesMatch10.1
ORappleitunesMatch10.1.1
ORappleitunesMatch10.1.1.4
ORappleitunesMatch10.1.2
ORappleitunesMatch10.2
ORappleitunesMatch10.2.2.12
ORappleitunesMatch10.3
ORappleitunesMatch10.3.1
ORappleitunesMatch10.4
ORappleitunesMatch10.4.0.80
ORappleitunesMatch10.4.1
ORappleitunesMatch10.4.1.10
ORappleitunesMatch10.5
ORappleitunesMatch10.5.1
ORappleitunesMatch10.5.1.42
ORappleitunesMatch10.5.2
ORappleitunesMatch10.5.3
ORappleitunesMatch10.6
ORappleitunesMatch10.6.1
ORappleitunesMatch10.6.3
microsoftwindows_7
ORmicrosoftwindows_vista
ORmicrosoftwindows_xpMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| apple | iphone_os | * | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
| apple | iphone_os | 1.0.0 | cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:* |
| apple | iphone_os | 1.0.1 | cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:* |
| apple | iphone_os | 1.0.2 | cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:* |
| apple | iphone_os | 1.1.0 | cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:* |
| apple | iphone_os | 1.1.1 | cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:* |
| apple | iphone_os | 1.1.2 | cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:* |
| apple | iphone_os | 1.1.3 | cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:* |
| apple | iphone_os | 1.1.4 | cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:* |
| apple | iphone_os | 1.1.5 | cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:* |
References
lists.apple.com/archives/security-announce/2013/Jun/msg00001.html
lists.apple.com/archives/security-announce/2013/May/msg00000.html
lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
secunia.com/advisories/54886
support.apple.com/kb/HT5766
support.apple.com/kb/HT5785
support.apple.com/kb/HT5934
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17123
Related
nvd
nvd
CVE-2013-1010
2013-05-20 14:44:35
cvelist
cvelist
CVE-2013-1010
2013-05-19 10:00:00
ubuntucve
ubuntucve
CVE-2013-1010
2013-05-20 00:00:00
prion
prion
Memory corruption
2013-05-20 14:44:00
openvas
openvas
Apple iTunes Multiple Vulnerabilities (Jun 2013) - Windows
2013-06-06 00:00:00
Apple iTunes Multiple Vulnerabilities - June13 (Windows)
2013-06-06 00:00:00
Apple iTunes Multiple Vulnerabilities (Jun 2013) - Mac OS X
2013-06-06 00:00:00
kaspersky
kaspersky
KLA10076 Multiple vulnerabilities in Apple iTunes
2013-05-22 00:00:00
nessus
nessus
Safari < 6.0.5 Multiple Security Vulnerabilities
2013-06-05 00:00:00
Mac OS X : Apple Safari < 6.0.5 Multiple Vulnerabilities
2013-06-05 00:00:00
Apple iTunes < 11.0.3 Multiple Vulnerabilities (credentialed check)
2013-05-17 00:00:00
securityvulns
securityvulns
APPLE-SA-2013-06-04-2 Safari 6.0.5
2013-06-17 00:00:00
WebKit / Apple Safari multiple security vulnerabilities
2013-06-17 00:00:00
APPLE-SA-2013-05-16-1 iTunes 11.0.3
2013-05-27 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.004
Percentile
73.6%
Related for CVE-2013-1010