Lucene search
HistoryOct 12, 2011 - 6:55 p.m.
CVE-2011-3252
cve-2011-3252
buffer overflow
coreaudio
apple itunes
remote attackers
arbitrary code
denial of service
aac stream
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6.9 Medium
AI Score
Confidence
High
0.096 Low
EPSS
Percentile
94.8%
Buffer overflow in CoreAudio, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Advanced Audio Coding (AAC) stream.
Affected configurations
Node
appleitunesRange≤10.4.1
ORappleitunesMatch4.0.0
ORappleitunesMatch4.0.1
ORappleitunesMatch4.1.0
ORappleitunesMatch4.2.0
ORappleitunesMatch4.5
ORappleitunesMatch4.5.0
ORappleitunesMatch4.6
ORappleitunesMatch4.6.0
ORappleitunesMatch4.7
ORappleitunesMatch4.7.0
ORappleitunesMatch4.7.1
ORappleitunesMatch4.7.2
ORappleitunesMatch4.8.0
ORappleitunesMatch4.9.0
ORappleitunesMatch5.0
ORappleitunesMatch5.0.0
ORappleitunesMatch5.0.1
ORappleitunesMatch6.0.0
ORappleitunesMatch6.0.1
ORappleitunesMatch6.0.2
ORappleitunesMatch6.0.3
ORappleitunesMatch6.0.4
ORappleitunesMatch6.0.4.2
ORappleitunesMatch6.0.5
ORappleitunesMatch7.0.0
ORappleitunesMatch7.0.1
ORappleitunesMatch7.0.2
ORappleitunesMatch7.1.0
ORappleitunesMatch7.1.1
ORappleitunesMatch7.2.0
ORappleitunesMatch7.3.0
ORappleitunesMatch7.3.1
ORappleitunesMatch7.3.2
ORappleitunesMatch7.4
ORappleitunesMatch7.4.0
ORappleitunesMatch7.4.1
ORappleitunesMatch7.4.2
ORappleitunesMatch7.4.3
ORappleitunesMatch7.5
ORappleitunesMatch7.5.0
ORappleitunesMatch7.6
ORappleitunesMatch7.6.0
ORappleitunesMatch7.6.1
ORappleitunesMatch7.6.2
ORappleitunesMatch7.7
ORappleitunesMatch7.7.0
ORappleitunesMatch7.7.1
ORappleitunesMatch8.0.0
ORappleitunesMatch8.0.1
ORappleitunesMatch8.0.2
ORappleitunesMatch8.1
ORappleitunesMatch8.1.1
ORappleitunesMatch8.2
ORappleitunesMatch8.2.1
ORappleitunesMatch9.0.0
ORappleitunesMatch9.0.1
ORappleitunesMatch9.0.2
ORappleitunesMatch9.0.3
ORappleitunesMatch9.2
ORappleitunesMatch9.2.1
ORappleitunesMatch10.0
ORappleitunesMatch10.0.1
ORappleitunesMatch10.1
ORappleitunesMatch10.1.1
ORappleitunesMatch10.1.2
ORappleitunesMatch10.2
ORappleitunesMatch10.3
ORappleitunesMatch10.3.1
ORappleitunesMatch10.4
microsoftwindows_7
ORmicrosoftwindows_vista
ORmicrosoftwindows_vistasp1
ORmicrosoftwindows_vistasp2
ORmicrosoftwindows_xpsp2
ORmicrosoftwindows_xpsp3
Related
seebug
seebug
Apple iTunes CoreAudio缓冲区溢出漏洞
2011-10-27 00:00:00
Apple iTunes多个安全漏洞
2011-10-13 00:00:00
prion
prion
Buffer overflow
2011-10-12 18:55:00
securityvulns
securityvulns
ZDI-11-304 : Apple Quicktime Advanced Audio Codec Frame Parsing Remote Code Execution Vulnerability
2011-10-31 00:00:00
Apple OS X multiple security vulnerabilities
2012-02-03 00:00:00
APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001
2012-02-03 00:00:00
nvd
nvd
CVE-2011-3252
2011-10-12 18:55:02
zdi
zdi
cvelist
cvelist
CVE-2011-3252
2011-10-12 18:00:00
nessus
nessus
Mac OS X Multiple Vulnerabilities (Security Update 2012-001) (BEAST)
2012-02-02 00:00:00
Apple iTunes < 10.5 Multiple Vulnerabilities (credentialed check)
2011-10-12 00:00:00
Apple iTunes < 10.5 Multiple Vulnerabilities (uncredentialed check)
2011-10-12 00:00:00
openvas
openvas
Mac OS X Multiple Vulnerabilities (2012-001)
2012-02-06 00:00:00
Mac OS X Multiple Vulnerabilities (2012-001)
2012-02-06 00:00:00
Apple iTunes Multiple Vulnerabilities (Oct 2011)
2011-10-20 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
6.9 Medium
AI Score
Confidence
High
0.096 Low
EPSS
Percentile
94.8%
Related for CVE-2011-3252