Lucene search

PRIOn knowledge basePRION:CVE-2011-0259

HistoryOct 12, 2011 - 6:55 p.m.

Memory corruption

2011-10-1218:55:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

75.0%

JSON

CoreFoundation, as used in Apple iTunes before 10.5, does not properly perform string tokenization, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

CPENameOperatorVersion
itunesle10.4.1
ituneseq4.0.0
ituneseq4.0.1
ituneseq4.1.0
ituneseq4.2.0
ituneseq4.5
ituneseq4.5.0
ituneseq4.6
ituneseq4.6.0
ituneseq4.7

Name	Operator	Version
itunes	le	10.4.1
itunes	eq	4.0.0
itunes	eq	4.0.1
itunes	eq	4.1.0
itunes	eq	4.2.0
itunes	eq	4.5
itunes	eq	4.5.0
itunes	eq	4.6
itunes	eq	4.6.0
itunes	eq	4.7

Rows per page:

1-10 of 701

References

lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html

lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html

lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

support.apple.com/kb/HT4981

support.apple.com/kb/HT4999

support.apple.com/kb/HT5002

www.securityfocus.com/bid/50067

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16919

7.9 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

75.0%

JSON

Related for PRION:CVE-2011-0259