Lucene search

K
ubuntucveUbuntu.comUB:CVE-2011-2356
HistoryOct 12, 2011 - 12:00 a.m.

CVE-2011-2356

2011-10-1200:00:00
ubuntu.com
ubuntu.com
9

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.0%

WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle
attackers to execute arbitrary code or cause a denial of service (memory
corruption and application crash) via vectors related to iTunes Store
browsing, a different vulnerability than other CVEs listed in
APPLE-SA-2011-10-11-1.

Notes

Author Note
jdstrand qt4-x11 unmaintained upstream (see README.webkit for details)
sbeattie iTunes Store specific?

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.0%