Lucene search

[email protected]CVE-2011-2352

HistoryOct 12, 2011 - 6:55 p.m.

CVE-2011-2352

2011-10-1218:55:01

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-2352

webkit

apple itunes

code execution

dos

vulnerability

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.3%

JSON

WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.

Affected configurations

NVD

Node

appleitunesRange≤10.4.1

appleitunesMatch4.0.0

appleitunesMatch4.0.1

appleitunesMatch4.1.0

appleitunesMatch4.2.0

appleitunesMatch4.5.0

appleitunesMatch4.6.0

appleitunesMatch4.7.0

appleitunesMatch4.7.1

appleitunesMatch4.7.2

appleitunesMatch4.8.0

appleitunesMatch4.9.0

appleitunesMatch5.0.0

appleitunesMatch5.0.1

appleitunesMatch6.0.0

appleitunesMatch6.0.1

appleitunesMatch6.0.2

appleitunesMatch6.0.3

appleitunesMatch6.0.4

appleitunesMatch6.0.5

appleitunesMatch7.0.0

appleitunesMatch7.0.1

appleitunesMatch7.0.2

appleitunesMatch7.1.0

appleitunesMatch7.1.1

appleitunesMatch7.2.0

appleitunesMatch7.3.0

appleitunesMatch7.3.1

appleitunesMatch7.3.2

appleitunesMatch7.4.0

appleitunesMatch7.4.1

appleitunesMatch7.4.2

appleitunesMatch7.4.3

appleitunesMatch7.5.0

appleitunesMatch7.6.0

appleitunesMatch7.6.1

appleitunesMatch7.6.2

appleitunesMatch7.7.0

appleitunesMatch7.7.1

appleitunesMatch8.0.0

appleitunesMatch8.0.1

appleitunesMatch9.0.0

appleitunesMatch9.0.1

appleitunesMatch9.0.2

appleitunesMatch9.0.3

appleitunesMatch9.1

appleitunesMatch9.1.1

appleitunesMatch9.2

appleitunesMatch9.2.1

appleitunesMatch10.0

appleitunesMatch10.0.1

appleitunesMatch10.1

appleitunesMatch10.1.1

appleitunesMatch10.1.2

appleitunesMatch10.2

appleitunesMatch10.3

appleitunesMatch10.3.1

appleitunesMatch10.4

applewebkit

CPENameOperatorVersion
apple:itunesapple itunesle10.4.1
apple:itunesapple ituneseq4.0.0
apple:itunesapple ituneseq4.0.1
apple:itunesapple ituneseq4.1.0
apple:itunesapple ituneseq4.2.0
apple:itunesapple ituneseq4.5.0
apple:itunesapple ituneseq4.6.0
apple:itunesapple ituneseq4.7.0
apple:itunesapple ituneseq4.7.1
apple:itunesapple ituneseq4.7.2

CPE	Name	Operator	Version
apple:itunes	apple itunes	le	10.4.1
apple:itunes	apple itunes	eq	4.0.0
apple:itunes	apple itunes	eq	4.0.1
apple:itunes	apple itunes	eq	4.1.0
apple:itunes	apple itunes	eq	4.2.0
apple:itunes	apple itunes	eq	4.5.0
apple:itunes	apple itunes	eq	4.6.0
apple:itunes	apple itunes	eq	4.7.0
apple:itunes	apple itunes	eq	4.7.1
apple:itunes	apple itunes	eq	4.7.2