CVE-2011-3064

Vulnerability from cvelistv5

Published

2012-03-30 22:00

Modified

2024-08-06 23:22

Severity ?

Summary

Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.

References

URL	Tags
cve@mitre.org	http://code.google.com/p/chromium/issues/detail?id=117471	Vendor Advisory
cve@mitre.org	http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html	Vendor Advisory
cve@mitre.org	http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html	Mailing List, Third Party Advisory
cve@mitre.org	http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html	Mailing List, Third Party Advisory
cve@mitre.org	http://osvdb.org/80742	Broken Link
cve@mitre.org	http://secunia.com/advisories/48618	Not Applicable
cve@mitre.org	http://secunia.com/advisories/48691	Not Applicable
cve@mitre.org	http://secunia.com/advisories/48763	Not Applicable
cve@mitre.org	http://support.apple.com/kb/HT5400	Third Party Advisory
cve@mitre.org	http://support.apple.com/kb/HT5485	Third Party Advisory
cve@mitre.org	http://support.apple.com/kb/HT5503	Third Party Advisory
cve@mitre.org	http://www.securityfocus.com/bid/52762	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id?1026877	Third Party Advisory, VDB Entry
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14755	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://code.google.com/p/chromium/issues/detail?id=117471	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/80742	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48618	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48691	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48763	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT5400	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT5485	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT5503	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/52762	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1026877	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14755	Third Party Advisory

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:22:27.253Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://code.google.com/p/chromium/issues/detail?id=117471"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5485"
          },
          {
            "name": "APPLE-SA-2012-09-19-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5503"
          },
          {
            "name": "80742",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/80742"
          },
          {
            "name": "1026877",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026877"
          },
          {
            "name": "oval:org.mitre.oval:def:14755",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14755"
          },
          {
            "name": "48618",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48618"
          },
          {
            "name": "48691",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48691"
          },
          {
            "name": "APPLE-SA-2012-09-12-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
          },
          {
            "name": "APPLE-SA-2012-07-25-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html"
          },
          {
            "name": "52762",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/52762"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5400"
          },
          {
            "name": "48763",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48763"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-03-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://code.google.com/p/chromium/issues/detail?id=117471"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5485"
        },
        {
          "name": "APPLE-SA-2012-09-19-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5503"
        },
        {
          "name": "80742",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/80742"
        },
        {
          "name": "1026877",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026877"
        },
        {
          "name": "oval:org.mitre.oval:def:14755",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14755"
        },
        {
          "name": "48618",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48618"
        },
        {
          "name": "48691",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48691"
        },
        {
          "name": "APPLE-SA-2012-09-12-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
        },
        {
          "name": "APPLE-SA-2012-07-25-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html"
        },
        {
          "name": "52762",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/52762"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5400"
        },
        {
          "name": "48763",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48763"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-3064",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=117471",
              "refsource": "CONFIRM",
              "url": "http://code.google.com/p/chromium/issues/detail?id=117471"
            },
            {
              "name": "http://support.apple.com/kb/HT5485",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5485"
            },
            {
              "name": "APPLE-SA-2012-09-19-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5503",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5503"
            },
            {
              "name": "80742",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/80742"
            },
            {
              "name": "1026877",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026877"
            },
            {
              "name": "oval:org.mitre.oval:def:14755",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14755"
            },
            {
              "name": "48618",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48618"
            },
            {
              "name": "48691",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48691"
            },
            {
              "name": "APPLE-SA-2012-09-12-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
            },
            {
              "name": "APPLE-SA-2012-07-25-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html"
            },
            {
              "name": "52762",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/52762"
            },
            {
              "name": "http://support.apple.com/kb/HT5400",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5400"
            },
            {
              "name": "48763",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48763"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-3064",
    "datePublished": "2012-03-30T22:00:00",
    "dateReserved": "2011-08-09T00:00:00",
    "dateUpdated": "2024-08-06T23:22:27.253Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-3064\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2012-03-30T22:55:01.730\",\"lastModified\":\"2024-11-21T01:29:38.127\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad por error de memoria en ejecuci\u00f3n (use-after-free) en Google Chrome anterior a v18.0.1025.142 permite a atacantes remotos causar una denegaci\u00f3n de servicio o posiblemente tener un impacto no especificado a trav\u00e9s de vectores relacionados con la operaci\u00f3n de recorte en el formato SVG.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"18.0.1025.142\",\"matchCriteriaId\":\"B25C0401-A5AB-4396-A994-1405B13C0FEB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.7\",\"matchCriteriaId\":\"F76D1286-FD74-4F82-B792-C501C2158D67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0\",\"matchCriteriaId\":\"D64A3188-D7FC-4ADF-ACBE-8885A60DE798\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0\",\"matchCriteriaId\":\"72A06974-6834-406E-BB3E-F9935B18F877\"}]}]}],\"references\":[{\"url\":\"http://code.google.com/p/chromium/issues/detail?id=117471\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://osvdb.org/80742\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/48618\",\"source\":\"cve@mitre.org\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/48691\",\"source\":\"cve@mitre.org\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/48763\",\"source\":\"cve@mitre.org\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://support.apple.com/kb/HT5400\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT5485\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT5503\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/52762\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1026877\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14755\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://code.google.com/p/chromium/issues/detail?id=117471\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://osvdb.org/80742\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/48618\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/48691\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://secunia.com/advisories/48763\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://support.apple.com/kb/HT5400\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT5485\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://support.apple.com/kb/HT5503\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/52762\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1026877\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14755\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

gsd-2011-3064

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.

Aliases

CVE-2011-3064

Aliases

CVE-2011-3064

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-3064",
    "description": "Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.",
    "id": "GSD-2011-3064",
    "references": [
      "https://www.suse.com/security/cve/CVE-2011-3064.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-3064"
      ],
      "details": "Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.",
      "id": "GSD-2011-3064",
      "modified": "2023-12-13T01:19:09.764863Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2011-3064",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://code.google.com/p/chromium/issues/detail?id=117471",
            "refsource": "CONFIRM",
            "url": "http://code.google.com/p/chromium/issues/detail?id=117471"
          },
          {
            "name": "http://support.apple.com/kb/HT5485",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT5485"
          },
          {
            "name": "APPLE-SA-2012-09-19-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
          },
          {
            "name": "http://support.apple.com/kb/HT5503",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT5503"
          },
          {
            "name": "80742",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/80742"
          },
          {
            "name": "1026877",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1026877"
          },
          {
            "name": "oval:org.mitre.oval:def:14755",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14755"
          },
          {
            "name": "48618",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/48618"
          },
          {
            "name": "48691",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/48691"
          },
          {
            "name": "APPLE-SA-2012-09-12-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
          },
          {
            "name": "APPLE-SA-2012-07-25-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
          },
          {
            "name": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html",
            "refsource": "CONFIRM",
            "url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html"
          },
          {
            "name": "52762",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/52762"
          },
          {
            "name": "http://support.apple.com/kb/HT5400",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT5400"
          },
          {
            "name": "48763",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/48763"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "18.0.1025.142",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.7",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-3064"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-416"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://code.google.com/p/chromium/issues/detail?id=117471",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://code.google.com/p/chromium/issues/detail?id=117471"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5400",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://support.apple.com/kb/HT5400"
            },
            {
              "name": "APPLE-SA-2012-07-25-1",
              "refsource": "APPLE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
            },
            {
              "name": "80742",
              "refsource": "OSVDB",
              "tags": [
                "Broken Link"
              ],
              "url": "http://osvdb.org/80742"
            },
            {
              "name": "48618",
              "refsource": "SECUNIA",
              "tags": [
                "Not Applicable"
              ],
              "url": "http://secunia.com/advisories/48618"
            },
            {
              "name": "1026877",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id?1026877"
            },
            {
              "name": "52762",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/52762"
            },
            {
              "name": "http://support.apple.com/kb/HT5485",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://support.apple.com/kb/HT5485"
            },
            {
              "name": "APPLE-SA-2012-09-12-1",
              "refsource": "APPLE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
            },
            {
              "name": "http://support.apple.com/kb/HT5503",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://support.apple.com/kb/HT5503"
            },
            {
              "name": "APPLE-SA-2012-09-19-1",
              "refsource": "APPLE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
            },
            {
              "name": "48691",
              "refsource": "SECUNIA",
              "tags": [
                "Not Applicable"
              ],
              "url": "http://secunia.com/advisories/48691"
            },
            {
              "name": "48763",
              "refsource": "SECUNIA",
              "tags": [
                "Not Applicable"
              ],
              "url": "http://secunia.com/advisories/48763"
            },
            {
              "name": "oval:org.mitre.oval:def:14755",
              "refsource": "OVAL",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14755"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2020-04-14T15:10Z",
      "publishedDate": "2012-03-30T22:55Z"
    }
  }
}

Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping. This vulnerability Webkit Vulnerability in Google Chrome Other than Webkit Products that use may also be affected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser, bypass security restrictions, and perform cross-site scripting attacks; other attacks may also be possible. Versions prior to Chrome 18.0.1025.142 are vulnerable. Google Chrome is a web browser developed by Google (Google). ============================================================================ Ubuntu Security Notice USN-1617-1 October 25, 2012

webkit vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 12.04 LTS

Summary:

Multiple security vulnerabilities were fixed in WebKit.

Software Description: - webkit: Web content engine library for GTK+

Details:

A large number of security issues were discovered in the WebKit browser and JavaScript engines.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 LTS: libjavascriptcoregtk-1.0-0 1.8.3-0ubuntu0.12.04.1 libjavascriptcoregtk-3.0-0 1.8.3-0ubuntu0.12.04.1 libwebkitgtk-1.0-0 1.8.3-0ubuntu0.12.04.1 libwebkitgtk-3.0-0 1.8.3-0ubuntu0.12.04.1

After a standard system update you need to restart your session to make all the necessary changes.

References: http://www.ubuntu.com/usn/usn-1617-1 CVE-2011-3031, CVE-2011-3038, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3051, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3076, CVE-2011-3081, CVE-2011-3086, CVE-2011-3090, CVE-2012-1521, CVE-2012-3598, CVE-2012-3601, CVE-2012-3604, CVE-2012-3611, CVE-2012-3612, CVE-2012-3617, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3645, CVE-2012-3652, CVE-2012-3657, CVE-2012-3669, CVE-2012-3670, CVE-2012-3671, CVE-2012-3672, CVE-2012-3674, CVE-2012-3674, https://launchpad.net/bugs/1058339

Package Information: https://launchpad.net/ubuntu/+source/webkit/1.8.3-0ubuntu0.12.04.1 . This update removes handling of feed:// URLs. This update removes handling of feed:// URLs. This header is used by many websites to serve files that were uploaded to the site by a third-party, such as attachments in web-based e-mail applications. Any script in files served with this header value would run as if the file had been served inline, with full access to other resources on the origin server. CVE-ID CVE-2012-3689 : David Bloom of Cue

WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Dragging and dropping selected text on a web page may cause files from the user's system to be sent to a remote server Description: An access control issue existed in the handling of drag and drop events. CVE-ID CVE-2011-2845 : Jordi Chancel

WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: An attacker may be able to escape the sandbox and access any file the current user has access to Description: An access control issue existed in the handling of file URLs. An attacker who gains arbitrary code execution in a Safari WebProcess may be able to bypass the sandbox and access any file that the user running Safari has access to. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201203-24

                                        http://security.gentoo.org/

Severity: Normal Title: Chromium, V8: Multiple vulnerabilities Date: March 30, 2012 Bugs: #410045 ID: 201203-24

Synopsis

Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code.

Background

Chromium is an open source web browser project. V8 is Google's open source JavaScript engine. SPDY is an experimental networking protocol.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 www-client/chromium < 18.0.1025.142 >= 18.0.1025.142 2 dev-lang/v8 < 3.8.9.16 >= 3.8.9.16 ------------------------------------------------------------------- 2 affected packages

Description

Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details.

Impact

A context-dependent attacker could entice a user to open a specially crafted web site or JavaScript program using Chromium or V8, possibly resulting in the execution of arbitrary code with the privileges of the process, or a Denial of Service condition.

The attacker could also entice a user to open a specially crafted web site using Chromium, possibly resulting in cross-site scripting (XSS), or an unspecified SPDY certificate checking error.

Workaround

There is no known workaround at this time.

Resolution

All Chromium users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-18.0.1025.142"

All V8 users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/v8-3.8.9.16"

References

[ 1 ] CVE-2011-3057 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3057 [ 2 ] CVE-2011-3058 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3058 [ 3 ] CVE-2011-3059 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3059 [ 4 ] CVE-2011-3060 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3060 [ 5 ] CVE-2011-3061 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3061 [ 6 ] CVE-2011-3062 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3062 [ 7 ] CVE-2011-3063 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3063 [ 8 ] CVE-2011-3064 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3064 [ 9 ] CVE-2011-3065 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3065 [ 10 ] Release Notes 18.0.1025.142

http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-a= nd-beta-channel.html

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201203-24.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us.

License

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

APPLE-SA-2012-09-19-1 iOS 6

iOS 6 is now available and addresses the following:

CFNetwork Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of malformed URLs. CFNetwork may send requests to an incorrect hostname, resulting in the disclosure of sensitive information. This issue was addressed through improvements to URL handling. CVE-ID CVE-2012-3724 : Erling Ellingsen of Facebook

CoreGraphics Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Multiple vulnerabilities in FreeType Description: Multiple vulnerabilities existed in FreeType, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. These issues were addressed by updating FreeType to version 2.4.9. Further information is available via the FreeType site at http://www.freetype.org/ CVE-ID CVE-2012-1126 CVE-2012-1127 CVE-2012-1128 CVE-2012-1129 CVE-2012-1130 CVE-2012-1131 CVE-2012-1132 CVE-2012-1133 CVE-2012-1134 CVE-2012-1135 CVE-2012-1136 CVE-2012-1137 CVE-2012-1138 CVE-2012-1139 CVE-2012-1140 CVE-2012-1141 CVE-2012-1142 CVE-2012-1143 CVE-2012-1144

CoreMedia Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An uninitialized memory access existed in the handling of Sorenson encoded movie files. This issue was addressed through improved memory initialization. CVE-ID CVE-2012-3722 : Will Dormann of the CERT/CC

DHCP Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A malicious Wi-Fi network may be able to determine networks a device has previously accessed Description: Upon connecting to a Wi-Fi network, iOS may broadcast MAC addresses of previously accessed networks per the DNAv4 protocol. This issue was addressed by disabling DNAv4 on unencrypted Wi-Fi networks. CVE-ID CVE-2012-3725 : Mark Wuergler of Immunity, Inc.

ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted TIFF file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in libtiff's handling of ThunderScan encoded TIFF images. This issue was addressed by updating libtiff to version 3.9.5. CVE-ID CVE-2011-1167

ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted PNG image may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in libpng's handling of PNG images. These issues were addressed through improved validation of PNG images. CVE-ID CVE-2011-3026 : Juri Aedla CVE-2011-3048 CVE-2011-3328

ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted JPEG image may lead to an unexpected application termination or arbitrary code execution Description: A double free issue existed in ImageIO's handling of JPEG images. This issue was addressed through improved memory management. CVE-ID CVE-2012-3726 : Phil of PKJE Consulting

ImageIO Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow issue existed in libTIFF's handling of TIFF images. This issue was addressed through improved validation of TIFF images. CVE-ID CVE-2012-1173 : Alexander Gavrun working with HP's Zero Day Initiative

International Components for Unicode Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution Description: A stack buffer overflow existed in the handling of ICU locale IDs. This issue was addressed through improved bounds checking. CVE-ID CVE-2011-4599

IPSec Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Loading a maliciously crafted racoon configuration file may lead to arbitrary code execution Description: A buffer overflow existed in the handling of racoon configuration files. This issue was addressed through improved bounds checking. CVE-ID CVE-2012-3727 : iOS Jailbreak Dream Team

Kernel Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A local user may be able to execute arbitrary code with system privileges Description: An invalid pointer dereference issue existed in the kernel's handling of packet filter ioctls. This may allow an attacker to alter kernel memory. This issue was addressed through improved error handling. CVE-ID CVE-2012-3728 : iOS Jailbreak Dream Team

Kernel Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A local user may be able to determine kernel memory layout Description: An uninitialized memory access issue existed in the Berkeley Packet Filter interpreter, which led to the disclosure of memory content. This issue was addressed through improved memory initialization. CVE-ID CVE-2012-3729 : Dan Rosenberg

libxml Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Viewing a maliciously crafted web page may lead to an unexpected application termination or arbitrary code execution Description: Multiple vulnerabilities existed in libxml, the most serious of which may lead to an unexpected application termination or arbitrary code execution. These issues were addressed by applying the relevant upstream patches. CVE-ID CVE-2011-1944 : Chris Evans of Google Chrome Security Team CVE-2011-2821 : Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences CVE-2011-2834 : Yang Dingning of NCNIPC, Graduate University of Chinese Academy of Sciences CVE-2011-3919 : Juri Aedla

Mail Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Mail may present the wrong attachment in a message Description: A logic issue existed in Mail's handling of attachments. If a subsequent mail attachment used the same Content-ID as a previous one, the previous attachment would be displayed, even in the case where the 2 mails originated from different senders. This could facilitate some spoofing or phishing attacks. This issue was addressed through improved handling of attachments. CVE-ID CVE-2012-3730 : Angelo Prado of the salesforce.com Product Security Team

Mail Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Email attachments may be read without user's passcode Description: A logic issue existed in Mail's use of Data Protection on email attachments. This issue was addressed by properly setting the Data Protection class for email attachments. CVE-ID CVE-2012-3731 : Stephen Prairie of Travelers Insurance, Erich Stuntebeck of AirWatch

Mail Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An attacker may spoof the sender of a S/MIME signed message Description: S/MIME signed messages displayed the untrusted 'From' address, instead of the name associated with the message signer's identity. This issue was addressed by displaying the address associated with the message signer's identity when it is available. CVE-ID CVE-2012-3732 : An anonymous researcher

Messages Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A user may unintentionally disclose the existence of their email addresses Description: When a user had multiple email addresses associated with iMessage, replying to a message may have resulted in the reply being sent from a different email address. This may disclose another email address associated to the user's account. This issue was addressed by always replying from the email address the original message was sent to. CVE-ID CVE-2012-3733 : Rodney S. Foley of Gnomesoft, LLC

Office Viewer Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Unencrypted document data may be written to a temporary file Description: An information disclosure issue existed in the support for viewing Microsoft Office files. When viewing a document, the Office Viewer would write a temporary file containing data from the viewed document to the temporary directory of the invoking process. For an application that uses data protection or other encryption to protect the user's files, this could lead to information disclosure. This issue was addressed by avoiding creation of temporary files when viewing Office documents. CVE-ID CVE-2012-3734 : Salvatore Cataudella of Open Systems Technologies

OpenGL Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Applications that use OS X's OpenGL implementation may be vulnerable to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the handling of GLSL compilation. These issues were addressed through improved validation of GLSL shaders. CVE-ID CVE-2011-3457 : Chris Evans of the Google Chrome Security Team, and Marc Schoenefeld of the Red Hat Security Response Team

Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device could briefly view the last used third-party app on a locked device Description: A logic issue existed with the display of the "Slide to Power Off" slider on the lock screen. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3735 : Chris Lawrence DBB

Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to bypass the screen lock Description: A logic issue existed in the termination of FaceTime calls from the lock screen. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3736 : Ian Vitek of 2Secure AB

Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: All photos may be accessible at the lock screen Description: A design issue existed in the support for viewing photos that were taken at the lock screen. In order to determine which photos to permit access to, the passcode lock consulted the time at which the device was locked and compared it to the time that a photo was taken. By spoofing the current time, an attacker could gain access to photos that were taken before the device was locked. This issues was addressed by explicitly keeping track of the photos that were taken while the device was locked. CVE-ID CVE-2012-3737 : Ade Barkah of BlueWax Inc.

Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to a locked device may perform FaceTime calls Description: A logic issue existed in the Emergency Dialer screen, which permitted FaceTime calls via Voice Dialing on the locked device. This could also disclose the user's contacts via contact suggestions. This issue was addressed by disabling Voice Dialing on the Emergency Dialer screen. CVE-ID CVE-2012-3738 : Ade Barkah of BlueWax Inc.

Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to bypass the screen lock Description: Using the camera from the screen lock could in some cases interfere with automatic lock functionality, allowing a person with physical access to the device to bypass the Passcode Lock screen. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3739 : Sebastian Spanninger of the Austrian Federal Computing Centre (BRZ)

Passcode Lock Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A person with physical access to the device may be able to bypass the screen lock Description: A state management issue existed in the handling of the screen lock. This issue was addressed through improved lock state management. CVE-ID CVE-2012-3740 : Ian Vitek of 2Secure AB

Restrictions Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A user may be able to make purchases without entering Apple ID credentials Description: After disabling Restrictions, iOS may not ask for the user's password during a transaction. This issue was addressed by additional enforcement of purchase authorization. CVE-ID CVE-2012-3741 : Kevin Makens of Redwood High School

Safari Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Websites may use characters with an appearance similar to the lock icon in their titles Description: Websites could use a Unicode character to create a lock icon in the page title. This icon was similar in appearance to the icon used to indicate a secure connection, and could have lead the user to believe a secure connection had been established. This issue was addressed by removing these characters from page titles. CVE-ID CVE-2012-3742 : Boku Kihara of Lepidum

Safari Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Passwords may autocomplete even when the site specifies that autocomplete should be disabled Description: Password input elements with the autocomplete attribute set to "off" were being autocompleted. This issue was addressed through improved handling of the autocomplete attribute. CVE-ID CVE-2012-0680 : Dan Poltawski of Moodle

System Logs Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Sandboxed apps may obtain system log content Description: Sandboxed apps had read access to /var/log directory, which may allow them to obtain sensitive information contained in system logs. This issue was addressed by denying sandboxed apps access to the /var/log directory. CVE-ID CVE-2012-3743

Telephony Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An SMS message may appear to have been sent by an arbitrary user Description: Messages displayed the return address of an SMS message as the sender. Return addresses may be spoofed. This issue was addressed by always displaying the originating address instead of the return address. CVE-ID CVE-2012-3744 : pod2g

Telephony Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An SMS message may disrupt cellular connectivity Description: An off-by-one buffer overflow existed in the handling of SMS user data headers. This issue was addressed through improved bounds checking. CVE-ID CVE-2012-3745 : pod2g

UIKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An attacker that gains access to a device's filesystem may be able to read files that were being displayed in a UIWebView Description: Applications that use UIWebView may leave unencrypted files on the file system even when a passcode is enabled. This issue was addressed through improved use of data protection. CVE-ID CVE-2012-3746 : Ben Smith of Box

WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2011-3016 : miaubiz CVE-2011-3021 : Arthur Gerkis CVE-2011-3027 : miaubiz CVE-2011-3032 : Arthur Gerkis CVE-2011-3034 : Arthur Gerkis CVE-2011-3035 : wushi of team509 working with iDefense VCP, Arthur Gerkis CVE-2011-3036 : miaubiz CVE-2011-3037 : miaubiz CVE-2011-3038 : miaubiz CVE-2011-3039 : miaubiz CVE-2011-3040 : miaubiz CVE-2011-3041 : miaubiz CVE-2011-3042 : miaubiz CVE-2011-3043 : miaubiz CVE-2011-3044 : Arthur Gerkis CVE-2011-3050 : miaubiz CVE-2011-3053 : miaubiz CVE-2011-3059 : Arthur Gerkis CVE-2011-3060 : miaubiz CVE-2011-3064 : Atte Kettunen of OUSPG CVE-2011-3068 : miaubiz CVE-2011-3069 : miaubiz CVE-2011-3071 : pa_kt working with HP's Zero Day Initiative CVE-2011-3073 : Arthur Gerkis CVE-2011-3074 : Slawomir Blazek CVE-2011-3075 : miaubiz CVE-2011-3076 : miaubiz CVE-2011-3078 : Martin Barbella of the Google Chrome Security Team CVE-2011-3081 : miaubiz CVE-2011-3086 : Arthur Gerkis CVE-2011-3089 : Skylined of the Google Chrome Security Team, miaubiz CVE-2011-3090 : Arthur Gerkis CVE-2011-3105 : miaubiz CVE-2011-3913 : Arthur Gerkis CVE-2011-3924 : Arthur Gerkis CVE-2011-3926 : Arthur Gerkis CVE-2011-3958 : miaubiz CVE-2011-3966 : Aki Helin of OUSPG CVE-2011-3968 : Arthur Gerkis CVE-2011-3969 : Arthur Gerkis CVE-2011-3971 : Arthur Gerkis CVE-2012-0682 : Apple Product Security CVE-2012-0683 : Dave Mandelin of Mozilla CVE-2012-1520 : Martin Barbella of the Google Chrome Security Team using AddressSanitizer, Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP CVE-2012-1521 : Skylined of the Google Chrome Security Team, Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP CVE-2012-2818 : miaubiz CVE-2012-3589 : Dave Mandelin of Mozilla CVE-2012-3590 : Apple Product Security CVE-2012-3591 : Apple Product Security CVE-2012-3592 : Apple Product Security CVE-2012-3593 : Apple Product Security CVE-2012-3594 : miaubiz CVE-2012-3595 : Martin Barbella of Google Chrome Security CVE-2012-3596 : Skylined of the Google Chrome Security Team CVE-2012-3597 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3598 : Apple Product Security CVE-2012-3599 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3600 : David Levin of the Chromium development community CVE-2012-3601 : Martin Barbella of the Google Chrome Security Team using AddressSanitizer CVE-2012-3602 : miaubiz CVE-2012-3603 : Apple Product Security CVE-2012-3604 : Skylined of the Google Chrome Security Team CVE-2012-3605 : Cris Neckar of the Google Chrome Security team CVE-2012-3608 : Skylined of the Google Chrome Security Team CVE-2012-3609 : Skylined of the Google Chrome Security Team CVE-2012-3610 : Skylined of the Google Chrome Security Team CVE-2012-3611 : Apple Product Security CVE-2012-3612 : Skylined of the Google Chrome Security Team CVE-2012-3613 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3614 : Yong Li of Research In Motion, Inc. CVE-2012-3615 : Stephen Chenney of the Chromium development community CVE-2012-3617 : Apple Product Security CVE-2012-3618 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3620 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3624 : Skylined of the Google Chrome Security Team CVE-2012-3625 : Skylined of Google Chrome Security Team CVE-2012-3626 : Apple Product Security CVE-2012-3627 : Skylined and Abhishek Arya (Inferno) of Google Chrome Security team CVE-2012-3628 : Apple Product Security CVE-2012-3629 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3630 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3631 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3633 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3634 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3635 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3636 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3637 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3638 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3639 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3640 : miaubiz CVE-2012-3641 : Slawomir Blazek CVE-2012-3642 : miaubiz CVE-2012-3644 : miaubiz CVE-2012-3645 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3646 : Julien Chaffraix of the Chromium development community, Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3647 : Skylined of the Google Chrome Security Team CVE-2012-3648 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3651 : Abhishek Arya (Inferno) and Martin Barbella of the Google Chrome Security Team CVE-2012-3652 : Martin Barbella of Google Chrome Security Team CVE-2012-3653 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3655 : Skylined of the Google Chrome Security Team CVE-2012-3656 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3658 : Apple CVE-2012-3659 : Mario Gomes of netfuzzer.blogspot.com, Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3660 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3661 : Apple Product Security CVE-2012-3663 : Skylined of Google Chrome Security Team CVE-2012-3664 : Thomas Sepez of the Chromium development community CVE-2012-3665 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3666 : Apple CVE-2012-3667 : Trevor Squires of propaneapp.com CVE-2012-3668 : Apple Product Security CVE-2012-3669 : Apple Product Security CVE-2012-3670 : Abhishek Arya (Inferno) of the Google Chrome Security Team, Arthur Gerkis CVE-2012-3671 : Skylined and Martin Barbella of the Google Chrome Security Team CVE-2012-3672 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3673 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3674 : Skylined of Google Chrome Security Team CVE-2012-3676 : Julien Chaffraix of the Chromium development community CVE-2012-3677 : Apple CVE-2012-3678 : Apple Product Security CVE-2012-3679 : Chris Leary of Mozilla CVE-2012-3680 : Skylined of Google Chrome Security Team CVE-2012-3681 : Apple CVE-2012-3682 : Adam Barth of the Google Chrome Security Team CVE-2012-3683 : wushi of team509 working with iDefense VCP CVE-2012-3684 : kuzzcc CVE-2012-3686 : Robin Cao of Torch Mobile (Beijing) CVE-2012-3703 : Apple Product Security CVE-2012-3704 : Skylined of the Google Chrome Security Team CVE-2012-3706 : Apple Product Security CVE-2012-3708 : Apple CVE-2012-3710 : James Robinson of Google CVE-2012-3747 : David Bloom of Cue

WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site disclosure of information Description: A cross-origin issue existed in the handling of CSS property values. This issue was addressed through improved origin tracking. CVE-ID CVE-2012-3691 : Apple

WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: A malicious website may be able to replace the contents of an iframe on another site Description: A cross-origin issue existed in the handling of iframes in popup windows. This issue was addressed through improved origin tracking. CVE-ID CVE-2011-3067 : Sergey Glazunov

WebKit Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch (3rd generation) and later, iPad, iPad 2 Impact: Visiting a maliciously crafted website may lead to a cross- site disclosure of information Description: A cross-origin issue existed in the handling of iframes and fragment identifiers. This issue was addressed through improved origin tracking. CVE-ID CVE-2012-2815 : Elie Bursztein, Baptiste Gourdin, Gustav Rydstedt, and Dan Boneh of the Stanford University Security Laboratory

WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Look-alike characters in a URL could be used to masquerade a website Description: The International Domain Name (IDN) support and Unicode fonts embedded in Safari could have been used to create a URL which contains look-alike characters. These could have been used in a malicious website to direct the user to a spoofed site that visually appears to be a legitimate domain. This issue was addressed by supplementing WebKit's list of known look-alike characters. Look- alike characters are rendered in Punycode in the address bar. CVE-ID CVE-2012-3693 : Matt Cooley of Symantec

WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A canonicalization issue existed in the handling of URLs. This may have led to cross-site scripting on sites which use the location.href property. This issue was addressed through improved canonicalization of URLs. CVE-ID CVE-2012-3695 : Masato Kinugawa

WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to HTTP request splitting Description: An HTTP header injection issue existed in the handling of WebSockets. This issue was addressed through improved WebSockets URI sanitization. CVE-ID CVE-2012-3696 : David Belcher of the BlackBerry Security Incident Response Team

WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A maliciously crafted website may be able to spoof the value in the URL bar Description: A state management issue existed in the handling of session history. Navigations to a fragment on the current page may cause Safari to display incorrect information in the URL bar. This issue was addressed through improved session state tracking. CVE-ID CVE-2011-2845 : Jordi Chancel

WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to the disclosure of the disclosure of memory contents Description: An uninitialized memory access issue existed in the handling of SVG images. This issue was addressed through improved memory initialization. CVE-ID CVE-2012-3650 : Apple

Installation note:

This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/

iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.

The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.

To check that the iPhone, iPod touch, or iPad has been updated:

Navigate to Settings
Select General
Select About. The version after applying this update will be "6.0".

Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJQWeYHAAoJEPefwLHPlZEwFlwP/1Ib/2m8K7orlPb3zmsKTyjo 3T0rFqu1LbXNzwLRhan7E7KiJoQ7U6yVO4045o/19AYZM+zGVNnHsCkUc3+Vcpa5 TZIM9Rik2iXKMxzttFfc5tvhE1u18PstsDLU/jvyW+s3XxMVL54wnSmW1R+P0de0 8+Q++IANogUj+scJzQkTaFDNDN5v1p0BT0+cifCcqktXB4H/PoaQ7drIWiDGYB/9 n4IL5AjM0BJBzWkldfjPimZ0BseSA0BxdeVCopmAgdnigyB60G4cWGzkU7E35VnP dWgdU9rnIIvGGe/vP912f7AoPtWs1b8n6DYCJgGRXvaRfPoHFUlXaRoVB6vJlMVs JXyMrw/RSDfYEgJdNbFOSxyJXHUkTkt4+aNW4KcoMR6raI/W5zKDyMEICw1wpkwP id6Dz4e6ncf+cfvAFqXpk02OC7iJqn71IJN2MvU/hC7797l++PINIoOHwJZolt+T xL3wV8p3Lk8K6lZx3Q9Tu6Dd7GYkxtjLCgV1NgdHOwPKDUOJ47oG6RjZAd6hpicp RqYXbk5bJpd3nZv+X6FrCZqGfeuwREWW7FJ0dI+/8ohlnisTz16f48W9FtuN3HIj bmxFJ46P4LGxrizwDSdBngxf3Utkh+7hGLuMH51/jR8+tCqDIEgpKBA+2F+IOmyP XtT4lS60xKz63YSg79dd =LvMt -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201203-0185",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "chrome",
        "scope": "lt",
        "trust": 1.8,
        "vendor": "google",
        "version": "18.0.1025.142"
      },
      {
        "model": "itunes",
        "scope": "lt",
        "trust": 1.8,
        "vendor": "apple",
        "version": "10.7"
      },
      {
        "model": "iphone os",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "6.0"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "6   (ipad 2 or later )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "6   (iphone 3gs or later )"
      },
      {
        "model": "ios",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "6   (ipod touch first  4 after generation )"
      },
      {
        "model": "safari",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "apple",
        "version": "6.0   (mac os)"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "18.0.1025.139"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "18.0.1025.135"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "18.0.1025.132"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "18.0.1025.133"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "18.0.1025.140"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "18.0.1025.137"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "18.0.1025.134"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "18.0.1025.120"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "18.0.1025.131"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "18.0.1025.136"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "17.0.963.83"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "11.0.696.57"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "12.0.742.100"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.1"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.6"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.5"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "14.0.835.202"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "11.0.696.43"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.5"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.2"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.4"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "16.0.912.75"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "17.0.963.60"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.8"
      },
      {
        "model": "chrome",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "google",
        "version": "18.0.1025.142"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "13"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "10.0.648.204"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "10.0.648.128"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.5"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.2.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.1"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.4"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.6"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.1"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.6"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.0"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "10.0.648.127"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "11.0.696.65"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.7"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.4"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "4.3.5"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "16.0.91275"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "17.0.96379"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.2"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "12.0.742.112"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.4"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.2"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "11.0.696.71"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "12.0.742.91"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "17.0.963.78"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "2.0"
      },
      {
        "model": "linux",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.5"
      },
      {
        "model": "linux lts i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "12.04"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "17.0.963.56"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.2"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "13.0.782.107"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "15.0.874.120"
      },
      {
        "model": "itunes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "10.2"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "14"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "11.0.696.77"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "16"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.7"
      },
      {
        "model": "linux lts amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "12.04"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "17.0.96365"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "11.0.696.68"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "11.0.672.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.1"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "15.0.874.121"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "12"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "14.0.835.163"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "10"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.1"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "16.0.912.77"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.3"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "11"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "13.0.782.112"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.4"
      },
      {
        "model": "safari for windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.3"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "15.0.874102"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "10.0.648.133"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.1.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.1"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "13.0.782.215"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "10.0.648.205"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "14.0.835.186"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.3"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "17.0.963.46"
      },
      {
        "model": "chrome",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "google",
        "version": "16.0.912.63"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "3.2"
      },
      {
        "model": "safari",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "5.0.4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.7.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "52762"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001974"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-582"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3064"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:google:chrome",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:apple:iphone_os",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:apple:itunes",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:apple:safari",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001974"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Masato Kinugawa, Arthur Gerkis, miaubiz, Leonidas Kontothanassis of Google, Mateusz Jurczyk of the Google Security Team, kuzzcc, Sergey Glazunov, PinkiePie, scarybeasts (Google Chrome Security Team), Atte Kettunen of OUSPG, Omair, and Christian Holler.",
    "sources": [
      {
        "db": "BID",
        "id": "52762"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2011-3064",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2011-3064",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-51009",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2011-3064",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2011-3064",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201203-582",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-51009",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-51009"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001974"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-582"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3064"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping. This vulnerability Webkit Vulnerability in Google Chrome Other than Webkit Products that use may also be affected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. Google Chrome is prone to multiple vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code in the     context of the browser, bypass security restrictions, and perform cross-site scripting attacks; other  attacks may also be possible. \nVersions prior to Chrome 18.0.1025.142  are vulnerable. Google Chrome is a web browser developed by Google (Google). ============================================================================\nUbuntu Security Notice USN-1617-1\nOctober 25, 2012\n\nwebkit vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n\nSummary:\n\nMultiple security vulnerabilities were fixed in WebKit. \n\nSoftware Description:\n- webkit: Web content engine library for GTK+\n\nDetails:\n\nA large number of security issues were discovered in the WebKit browser and\nJavaScript engines. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n  libjavascriptcoregtk-1.0-0      1.8.3-0ubuntu0.12.04.1\n  libjavascriptcoregtk-3.0-0      1.8.3-0ubuntu0.12.04.1\n  libwebkitgtk-1.0-0              1.8.3-0ubuntu0.12.04.1\n  libwebkitgtk-3.0-0              1.8.3-0ubuntu0.12.04.1\n\nAfter a standard system update you need to restart your session to make all\nthe necessary changes. \n\nReferences:\n  http://www.ubuntu.com/usn/usn-1617-1\n  CVE-2011-3031, CVE-2011-3038, CVE-2011-3042, CVE-2011-3043,\n  CVE-2011-3044, CVE-2011-3051, CVE-2011-3053, CVE-2011-3059,\n  CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3076,\n  CVE-2011-3081, CVE-2011-3086, CVE-2011-3090, CVE-2012-1521,\n  CVE-2012-3598, CVE-2012-3601, CVE-2012-3604, CVE-2012-3611,\n  CVE-2012-3612, CVE-2012-3617, CVE-2012-3625, CVE-2012-3626,\n  CVE-2012-3627, CVE-2012-3628, CVE-2012-3645, CVE-2012-3652,\n  CVE-2012-3657, CVE-2012-3669, CVE-2012-3670, CVE-2012-3671,\n  CVE-2012-3672, CVE-2012-3674, CVE-2012-3674, https://launchpad.net/bugs/1058339\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/webkit/1.8.3-0ubuntu0.12.04.1\n. This update removes handling of feed:// URLs. This update removes handling of feed:// URLs. This\nheader is used by many websites to serve files that were uploaded to\nthe site by a third-party, such as attachments in web-based e-mail\napplications. Any script in files served with this header value would\nrun as if the file had been served inline, with full access to other\nresources on the origin server. \nCVE-ID\nCVE-2012-3689 : David Bloom of Cue\n\nWebKit\nAvailable for:  OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact:  Dragging and dropping selected text on a web page may cause\nfiles from the user\u0027s system to be sent to a remote server\nDescription:  An access control issue existed in the handling of drag\nand drop events. \nCVE-ID\nCVE-2011-2845 : Jordi Chancel\n\nWebKit\nAvailable for:  OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact:  An attacker may be able to escape the sandbox and access any\nfile the current user has access to\nDescription:  An access control issue existed in the handling of file\nURLs. An attacker who gains arbitrary code execution in a Safari\nWebProcess may be able to bypass the sandbox and access any file that\nthe user running Safari has access to. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201203-24\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Chromium, V8: Multiple vulnerabilities\n     Date: March 30, 2012\n     Bugs: #410045\n       ID: 201203-24\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been reported in Chromium and V8, some of\nwhich may allow execution of arbitrary code. \n\nBackground\n==========\n\nChromium is an open source web browser project. V8 is Google\u0027s open\nsource JavaScript engine. SPDY is an experimental networking protocol. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  www-client/chromium      \u003c 18.0.1025.142        \u003e= 18.0.1025.142\n  2  dev-lang/v8                 \u003c 3.8.9.16               \u003e= 3.8.9.16\n    -------------------------------------------------------------------\n     2 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Chromium and V8. \nPlease review the CVE identifiers and release notes referenced below\nfor details. \n\nImpact\n======\n\nA context-dependent attacker could entice a user to open a specially\ncrafted web site or JavaScript program using Chromium or V8, possibly\nresulting in the execution of arbitrary code with the privileges of the\nprocess, or a Denial of Service condition. \n\nThe attacker could also entice a user to open a specially crafted web\nsite using Chromium, possibly resulting in cross-site scripting (XSS),\nor an unspecified SPDY certificate checking error. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Chromium users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=www-client/chromium-18.0.1025.142\"\n\nAll V8 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=dev-lang/v8-3.8.9.16\"\n\nReferences\n==========\n\n[  1 ] CVE-2011-3057\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3057\n[  2 ] CVE-2011-3058\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3058\n[  3 ] CVE-2011-3059\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3059\n[  4 ] CVE-2011-3060\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3060\n[  5 ] CVE-2011-3061\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3061\n[  6 ] CVE-2011-3062\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3062\n[  7 ] CVE-2011-3063\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3063\n[  8 ] CVE-2011-3064\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3064\n[  9 ] CVE-2011-3065\n       http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3065\n[ 10 ] Release Notes 18.0.1025.142\n\nhttp://googlechromereleases.blogspot.com/2012/03/stable-channel-release-a=\nnd-beta-channel.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201203-24.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2012-09-19-1 iOS 6\n\niOS 6 is now available and addresses the following:\n\nCFNetwork\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to the\ndisclosure of sensitive information\nDescription:  An issue existed in CFNetwork\u0027s handling of malformed\nURLs. CFNetwork may send requests to an incorrect hostname, resulting\nin the disclosure of sensitive information. This issue was addressed\nthrough improvements to URL handling. \nCVE-ID\nCVE-2012-3724 : Erling Ellingsen of Facebook\n\nCoreGraphics\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Multiple vulnerabilities in FreeType\nDescription:  Multiple vulnerabilities existed in FreeType, the most\nserious of which may lead to arbitrary code execution when processing\na maliciously crafted font. These issues were addressed by updating\nFreeType to version 2.4.9. Further information is available via the\nFreeType site at http://www.freetype.org/\nCVE-ID\nCVE-2012-1126\nCVE-2012-1127\nCVE-2012-1128\nCVE-2012-1129\nCVE-2012-1130\nCVE-2012-1131\nCVE-2012-1132\nCVE-2012-1133\nCVE-2012-1134\nCVE-2012-1135\nCVE-2012-1136\nCVE-2012-1137\nCVE-2012-1138\nCVE-2012-1139\nCVE-2012-1140\nCVE-2012-1141\nCVE-2012-1142\nCVE-2012-1143\nCVE-2012-1144\n\nCoreMedia\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  An uninitialized memory access existed in the handling\nof Sorenson encoded movie files. This issue was addressed through\nimproved memory initialization. \nCVE-ID\nCVE-2012-3722 : Will Dormann of the CERT/CC\n\nDHCP\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  A malicious Wi-Fi network may be able to determine networks\na device has previously accessed\nDescription:  Upon connecting to a Wi-Fi network, iOS may broadcast\nMAC addresses of previously accessed networks per the DNAv4 protocol. \nThis issue was addressed by disabling DNAv4 on unencrypted Wi-Fi\nnetworks. \nCVE-ID\nCVE-2012-3725 : Mark Wuergler of Immunity, Inc. \n\nImageIO\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Viewing a maliciously crafted TIFF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A buffer overflow existed in libtiff\u0027s handling of\nThunderScan encoded TIFF images. This issue was addressed by updating\nlibtiff to version 3.9.5. \nCVE-ID\nCVE-2011-1167\n\nImageIO\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Viewing a maliciously crafted PNG image may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple memory corruption issues existed in libpng\u0027s\nhandling of PNG images. These issues were addressed through improved\nvalidation of PNG images. \nCVE-ID\nCVE-2011-3026 : Juri Aedla\nCVE-2011-3048\nCVE-2011-3328\n\nImageIO\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Viewing a maliciously crafted JPEG image may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  A double free issue existed in ImageIO\u0027s handling of\nJPEG images. This issue was addressed through improved memory\nmanagement. \nCVE-ID\nCVE-2012-3726 : Phil of PKJE Consulting\n\nImageIO\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  An integer overflow issue existed in libTIFF\u0027s handling\nof TIFF images. This issue was addressed through improved validation\nof TIFF images. \nCVE-ID\nCVE-2012-1173 : Alexander Gavrun working with HP\u0027s Zero Day\nInitiative\n\nInternational Components for Unicode\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Applications that use ICU may be vulnerable to an unexpected\napplication termination or arbitrary code execution\nDescription:  A stack buffer overflow existed in the handling of ICU\nlocale IDs. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2011-4599\n\nIPSec\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Loading a maliciously crafted racoon configuration file may\nlead to arbitrary code execution\nDescription:  A buffer overflow existed in the handling of racoon\nconfiguration files. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2012-3727 : iOS Jailbreak Dream Team\n\nKernel\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  A local user may be able to execute arbitrary code with\nsystem privileges\nDescription:  An invalid pointer dereference issue existed in the\nkernel\u0027s handling of packet filter ioctls. This may allow an attacker\nto alter kernel memory. This issue was addressed through improved\nerror handling. \nCVE-ID\nCVE-2012-3728 : iOS Jailbreak Dream Team\n\nKernel\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  A local user may be able to determine kernel memory layout\nDescription:  An uninitialized memory access issue existed in the\nBerkeley Packet Filter interpreter, which led to the disclosure of\nmemory content. This issue was addressed through improved memory\ninitialization. \nCVE-ID\nCVE-2012-3729 : Dan Rosenberg\n\nlibxml\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Viewing a maliciously crafted web page may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple vulnerabilities existed in libxml, the most\nserious of which may lead to an unexpected application termination or\narbitrary code execution. These issues were addressed by applying the\nrelevant upstream patches. \nCVE-ID\nCVE-2011-1944 : Chris Evans of Google Chrome Security Team\nCVE-2011-2821 : Yang Dingning of NCNIPC, Graduate University of\nChinese Academy of Sciences\nCVE-2011-2834 : Yang Dingning of NCNIPC, Graduate University of\nChinese Academy of Sciences\nCVE-2011-3919 : Juri Aedla\n\nMail\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Mail may present the wrong attachment in a message\nDescription:  A logic issue existed in Mail\u0027s handling of\nattachments. If a subsequent mail attachment used the same Content-ID\nas a previous one, the previous attachment would be displayed, even\nin the case where the 2 mails originated from different senders. This\ncould facilitate some spoofing or phishing attacks. This issue was\naddressed through improved handling of attachments. \nCVE-ID\nCVE-2012-3730 : Angelo Prado of the salesforce.com Product Security\nTeam\n\nMail\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Email attachments may be read without user\u0027s passcode\nDescription:  A logic issue existed in Mail\u0027s use of Data Protection\non email attachments. This issue was addressed by properly setting\nthe Data Protection class for email attachments. \nCVE-ID\nCVE-2012-3731 : Stephen Prairie of Travelers Insurance, Erich\nStuntebeck of AirWatch\n\nMail\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  An attacker may spoof the sender of a S/MIME signed message\nDescription:  S/MIME signed messages displayed the untrusted \u0027From\u0027\naddress, instead of the name associated with the message signer\u0027s\nidentity. This issue was addressed by displaying the address\nassociated with the message signer\u0027s identity when it is available. \nCVE-ID\nCVE-2012-3732 : An anonymous researcher\n\nMessages\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  A user may unintentionally disclose the existence of their\nemail addresses\nDescription:  When a user had multiple email addresses associated\nwith iMessage, replying to a message may have resulted in the reply\nbeing sent from a different email address. This may disclose another\nemail address associated to the user\u0027s account. This issue was\naddressed by always replying from the email address the original\nmessage was sent to. \nCVE-ID\nCVE-2012-3733 : Rodney S. Foley of Gnomesoft, LLC\n\nOffice Viewer\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Unencrypted document data may be written to a temporary file\nDescription:  An information disclosure issue existed in the support\nfor viewing Microsoft Office files. When viewing a document, the\nOffice Viewer would write a temporary file containing data from the\nviewed document to the temporary directory of the invoking process. \nFor an application that uses data protection or other encryption to\nprotect the user\u0027s files, this could lead to information\ndisclosure. This issue was addressed by avoiding creation of\ntemporary files when viewing Office documents. \nCVE-ID\nCVE-2012-3734 : Salvatore Cataudella of Open Systems Technologies\n\nOpenGL\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Applications that use OS X\u0027s OpenGL implementation may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription:  Multiple memory corruption issues existed in the\nhandling of GLSL compilation. These issues were addressed through\nimproved validation of GLSL shaders. \nCVE-ID\nCVE-2011-3457 : Chris Evans of the Google Chrome Security Team, and\nMarc Schoenefeld of the Red Hat Security Response Team\n\nPasscode Lock\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  A person with physical access to the device could briefly\nview the last used third-party app on a locked device\nDescription:  A logic issue existed with the display of the \"Slide to\nPower Off\" slider on the lock screen. This issue was addressed\nthrough improved lock state management. \nCVE-ID\nCVE-2012-3735 : Chris Lawrence DBB\n\nPasscode Lock\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  A person with physical access to the device may be able to\nbypass the screen lock\nDescription:  A logic issue existed in the termination of FaceTime\ncalls from the lock screen. This issue was addressed through improved\nlock state management. \nCVE-ID\nCVE-2012-3736 : Ian Vitek of 2Secure AB\n\nPasscode Lock\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  All photos may be accessible at the lock screen\nDescription:  A design issue existed in the support for viewing\nphotos that were taken at the lock screen. In order to determine\nwhich photos to permit access to, the passcode lock consulted the\ntime at which the device was locked and compared it to the time that\na photo was taken. By spoofing the current time, an attacker could\ngain access to photos that were taken before the device was locked. \nThis issues was addressed by explicitly keeping track of the photos\nthat were taken while the device was locked. \nCVE-ID\nCVE-2012-3737 : Ade Barkah of BlueWax Inc. \n\nPasscode Lock\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  A person with physical access to a locked device may perform\nFaceTime calls\nDescription:  A logic issue existed in the Emergency Dialer screen,\nwhich permitted FaceTime calls via Voice Dialing on the locked\ndevice. This could also disclose the user\u0027s contacts via contact\nsuggestions. This issue was addressed by disabling Voice Dialing on\nthe Emergency Dialer screen. \nCVE-ID\nCVE-2012-3738 : Ade Barkah of BlueWax Inc. \n\nPasscode Lock\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  A person with physical access to the device may be able to\nbypass the screen lock\nDescription:  Using the camera from the screen lock could in some\ncases interfere with automatic lock functionality, allowing a person\nwith physical access to the device to bypass the Passcode Lock\nscreen. This issue was addressed through improved lock state\nmanagement. \nCVE-ID\nCVE-2012-3739 : Sebastian Spanninger of the Austrian Federal\nComputing Centre (BRZ)\n\nPasscode Lock\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  A person with physical access to the device may be able to\nbypass the screen lock\nDescription:  A state management issue existed in the handling of the\nscreen lock. This issue was addressed through improved lock state\nmanagement. \nCVE-ID\nCVE-2012-3740 : Ian Vitek of 2Secure AB\n\nRestrictions\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  A user may be able to make purchases without entering Apple\nID credentials\nDescription:  After disabling Restrictions, iOS may not ask for the\nuser\u0027s password during a transaction. This issue was addressed by\nadditional enforcement of purchase authorization. \nCVE-ID\nCVE-2012-3741 : Kevin Makens of Redwood High School\n\nSafari\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Websites may use characters with an appearance similar to\nthe lock icon in their titles\nDescription:  Websites could use a Unicode character to create a lock\nicon in the page title. This icon was similar in appearance to the\nicon used to indicate a secure connection, and could have lead the\nuser to believe a secure connection had been established. This issue\nwas addressed by removing these characters from page titles. \nCVE-ID\nCVE-2012-3742 : Boku Kihara of Lepidum\n\nSafari\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Passwords may autocomplete even when the site specifies that\nautocomplete should be disabled\nDescription:  Password input elements with the autocomplete attribute\nset to \"off\" were being autocompleted. This issue was addressed\nthrough improved handling of the autocomplete attribute. \nCVE-ID\nCVE-2012-0680 : Dan Poltawski of Moodle\n\nSystem Logs\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Sandboxed apps may obtain system log content\nDescription:  Sandboxed apps had read access to /var/log directory,\nwhich may allow them to obtain sensitive information contained in\nsystem logs. This issue was addressed by denying sandboxed apps\naccess to the /var/log directory. \nCVE-ID\nCVE-2012-3743\n\nTelephony\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  An SMS message may appear to have been sent by an arbitrary\nuser\nDescription:  Messages displayed the return address of an SMS message\nas the sender. Return addresses may be spoofed. This issue was\naddressed by always displaying the originating address instead of the\nreturn address. \nCVE-ID\nCVE-2012-3744 : pod2g\n\nTelephony\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  An SMS message may disrupt cellular connectivity\nDescription:  An off-by-one buffer overflow existed in the handling\nof SMS user data headers. This issue was addressed through improved\nbounds checking. \nCVE-ID\nCVE-2012-3745 : pod2g\n\nUIKit\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  An attacker that gains access to a device\u0027s filesystem may\nbe able to read files that were being displayed in a UIWebView\nDescription:  Applications that use UIWebView may leave unencrypted\nfiles on the file system even when a passcode is enabled. This issue\nwas addressed through improved use of data protection. \nCVE-ID\nCVE-2012-3746 : Ben Smith of Box\n\nWebKit\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription:  Multiple memory corruption issues existed in WebKit. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2011-3016 : miaubiz\nCVE-2011-3021 : Arthur Gerkis\nCVE-2011-3027 : miaubiz\nCVE-2011-3032 : Arthur Gerkis\nCVE-2011-3034 : Arthur Gerkis\nCVE-2011-3035 : wushi of team509 working with iDefense VCP, Arthur\nGerkis\nCVE-2011-3036 : miaubiz\nCVE-2011-3037 : miaubiz\nCVE-2011-3038 : miaubiz\nCVE-2011-3039 : miaubiz\nCVE-2011-3040 : miaubiz\nCVE-2011-3041 : miaubiz\nCVE-2011-3042 : miaubiz\nCVE-2011-3043 : miaubiz\nCVE-2011-3044 : Arthur Gerkis\nCVE-2011-3050 : miaubiz\nCVE-2011-3053 : miaubiz\nCVE-2011-3059 : Arthur Gerkis\nCVE-2011-3060 : miaubiz\nCVE-2011-3064 : Atte Kettunen of OUSPG\nCVE-2011-3068 : miaubiz\nCVE-2011-3069 : miaubiz\nCVE-2011-3071 : pa_kt working with HP\u0027s Zero Day Initiative\nCVE-2011-3073 : Arthur Gerkis\nCVE-2011-3074 : Slawomir Blazek\nCVE-2011-3075 : miaubiz\nCVE-2011-3076 : miaubiz\nCVE-2011-3078 : Martin Barbella of the Google Chrome Security Team\nCVE-2011-3081 : miaubiz\nCVE-2011-3086 : Arthur Gerkis\nCVE-2011-3089 : Skylined of the Google Chrome Security Team, miaubiz\nCVE-2011-3090 : Arthur Gerkis\nCVE-2011-3105 : miaubiz\nCVE-2011-3913 : Arthur Gerkis\nCVE-2011-3924 : Arthur Gerkis\nCVE-2011-3926 : Arthur Gerkis\nCVE-2011-3958 : miaubiz\nCVE-2011-3966 : Aki Helin of OUSPG\nCVE-2011-3968 : Arthur Gerkis\nCVE-2011-3969 : Arthur Gerkis\nCVE-2011-3971 : Arthur Gerkis\nCVE-2012-0682 : Apple Product Security\nCVE-2012-0683 : Dave Mandelin of Mozilla\nCVE-2012-1520 : Martin Barbella of the Google Chrome Security Team\nusing AddressSanitizer, Jose A. Vazquez of spa-s3c.blogspot.com\nworking with iDefense VCP\nCVE-2012-1521 : Skylined of the Google Chrome Security Team, Jose A. \nVazquez of spa-s3c.blogspot.com working with iDefense VCP\nCVE-2012-2818 : miaubiz\nCVE-2012-3589 : Dave Mandelin of Mozilla\nCVE-2012-3590 : Apple Product Security\nCVE-2012-3591 : Apple Product Security\nCVE-2012-3592 : Apple Product Security\nCVE-2012-3593 : Apple Product Security\nCVE-2012-3594 : miaubiz\nCVE-2012-3595 : Martin Barbella of Google Chrome Security\nCVE-2012-3596 : Skylined of the Google Chrome Security Team\nCVE-2012-3597 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3598 : Apple Product Security\nCVE-2012-3599 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3600 : David Levin of the Chromium development community\nCVE-2012-3601 : Martin Barbella of the Google Chrome Security Team\nusing AddressSanitizer\nCVE-2012-3602 : miaubiz\nCVE-2012-3603 : Apple Product Security\nCVE-2012-3604 : Skylined of the Google Chrome Security Team\nCVE-2012-3605 : Cris Neckar of the Google Chrome Security team\nCVE-2012-3608 : Skylined of the Google Chrome Security Team\nCVE-2012-3609 : Skylined of the Google Chrome Security Team\nCVE-2012-3610 : Skylined of the Google Chrome Security Team\nCVE-2012-3611 : Apple Product Security\nCVE-2012-3612 : Skylined of the Google Chrome Security Team\nCVE-2012-3613 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3614 : Yong Li of Research In Motion, Inc. \nCVE-2012-3615 : Stephen Chenney of the Chromium development community\nCVE-2012-3617 : Apple Product Security\nCVE-2012-3618 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3620 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3624 : Skylined of the Google Chrome Security Team\nCVE-2012-3625 : Skylined of Google Chrome Security Team\nCVE-2012-3626 : Apple Product Security\nCVE-2012-3627 : Skylined and Abhishek Arya (Inferno) of Google Chrome\nSecurity team\nCVE-2012-3628 : Apple Product Security\nCVE-2012-3629 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3630 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3631 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3633 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3634 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3635 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3636 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3637 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3638 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3639 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3640 : miaubiz\nCVE-2012-3641 : Slawomir Blazek\nCVE-2012-3642 : miaubiz\nCVE-2012-3644 : miaubiz\nCVE-2012-3645 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3646 : Julien Chaffraix of the Chromium development\ncommunity, Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3647 : Skylined of the Google Chrome Security Team\nCVE-2012-3648 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3651 : Abhishek Arya (Inferno) and Martin Barbella of the\nGoogle Chrome Security Team\nCVE-2012-3652 : Martin Barbella of Google Chrome Security Team\nCVE-2012-3653 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3655 : Skylined of the Google Chrome Security Team\nCVE-2012-3656 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3658 : Apple\nCVE-2012-3659 : Mario Gomes of netfuzzer.blogspot.com, Abhishek Arya\n(Inferno) of the Google Chrome Security Team\nCVE-2012-3660 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3661 : Apple Product Security\nCVE-2012-3663 : Skylined of Google Chrome Security Team\nCVE-2012-3664 : Thomas Sepez of the Chromium development community\nCVE-2012-3665 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3666 : Apple\nCVE-2012-3667 : Trevor Squires of propaneapp.com\nCVE-2012-3668 : Apple Product Security\nCVE-2012-3669 : Apple Product Security\nCVE-2012-3670 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam, Arthur Gerkis\nCVE-2012-3671 : Skylined and Martin Barbella of the Google Chrome\nSecurity Team\nCVE-2012-3672 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3673 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3674 : Skylined of Google Chrome Security Team\nCVE-2012-3676 : Julien Chaffraix of the Chromium development\ncommunity\nCVE-2012-3677 : Apple\nCVE-2012-3678 : Apple Product Security\nCVE-2012-3679 : Chris Leary of Mozilla\nCVE-2012-3680 : Skylined of Google Chrome Security Team\nCVE-2012-3681 : Apple\nCVE-2012-3682 : Adam Barth of the Google Chrome Security Team\nCVE-2012-3683 : wushi of team509 working with iDefense VCP\nCVE-2012-3684 : kuzzcc\nCVE-2012-3686 : Robin Cao of Torch Mobile (Beijing)\nCVE-2012-3703 : Apple Product Security\nCVE-2012-3704 : Skylined of the Google Chrome Security Team\nCVE-2012-3706 : Apple Product Security\nCVE-2012-3708 : Apple\nCVE-2012-3710 : James Robinson of Google\nCVE-2012-3747 : David Bloom of Cue\n\nWebKit\nAvailable for:  iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite disclosure of information\nDescription:  A cross-origin issue existed in the handling of CSS\nproperty values. This issue was addressed through improved origin\ntracking. \nCVE-ID\nCVE-2012-3691 : Apple\n\nWebKit\nAvailable for:  iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact:  A malicious website may be able to replace the contents of\nan iframe on another site\nDescription:  A cross-origin issue existed in the handling of iframes\nin popup windows. This issue was addressed through improved origin\ntracking. \nCVE-ID\nCVE-2011-3067 : Sergey Glazunov\n\nWebKit\nAvailable for:  iPhone 3GS, iPhone 4, iPhone 4S,\niPod touch (3rd generation) and later, iPad, iPad 2\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite disclosure of information\nDescription:  A cross-origin issue existed in the handling of iframes\nand fragment identifiers. This issue was addressed through improved\norigin tracking. \nCVE-ID\nCVE-2012-2815 : Elie Bursztein, Baptiste Gourdin, Gustav Rydstedt,\nand Dan Boneh of the Stanford University Security Laboratory\n\nWebKit\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Look-alike characters in a URL could be used to masquerade a\nwebsite\nDescription:  The International Domain Name (IDN) support and Unicode\nfonts embedded in Safari could have been used to create a URL which\ncontains look-alike characters. These could have been used in a\nmalicious website to direct the user to a spoofed site that visually\nappears to be a legitimate domain. This issue was addressed by\nsupplementing WebKit\u0027s list of known look-alike characters. Look-\nalike characters are rendered in Punycode in the address bar. \nCVE-ID\nCVE-2012-3693 : Matt Cooley of Symantec\n\nWebKit\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription:  A canonicalization issue existed in the handling of\nURLs. This may have led to cross-site scripting on sites which use\nthe location.href property. This issue was addressed through improved\ncanonicalization of URLs. \nCVE-ID\nCVE-2012-3695 : Masato Kinugawa\n\nWebKit\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to HTTP\nrequest splitting\nDescription:  An HTTP header injection issue existed in the handling\nof WebSockets. This issue was addressed through improved WebSockets\nURI sanitization. \nCVE-ID\nCVE-2012-3696 : David Belcher of the BlackBerry Security Incident\nResponse Team\n\nWebKit\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  A maliciously crafted website may be able to spoof the value\nin the URL bar\nDescription:  A state management issue existed in the handling of\nsession history. Navigations to a fragment on the current page may\ncause Safari to display incorrect information in the URL bar. This\nissue was addressed through improved session state tracking. \nCVE-ID\nCVE-2011-2845 : Jordi Chancel\n\nWebKit\nAvailable for:  iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact:  Visiting a maliciously crafted website may lead to the\ndisclosure of the disclosure of memory contents\nDescription:  An uninitialized memory access issue existed in the\nhandling of SVG images. This issue was addressed through improved\nmemory initialization. \nCVE-ID\nCVE-2012-3650 : Apple\n\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update will be \"6.0\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJQWeYHAAoJEPefwLHPlZEwFlwP/1Ib/2m8K7orlPb3zmsKTyjo\n3T0rFqu1LbXNzwLRhan7E7KiJoQ7U6yVO4045o/19AYZM+zGVNnHsCkUc3+Vcpa5\nTZIM9Rik2iXKMxzttFfc5tvhE1u18PstsDLU/jvyW+s3XxMVL54wnSmW1R+P0de0\n8+Q++IANogUj+scJzQkTaFDNDN5v1p0BT0+cifCcqktXB4H/PoaQ7drIWiDGYB/9\nn4IL5AjM0BJBzWkldfjPimZ0BseSA0BxdeVCopmAgdnigyB60G4cWGzkU7E35VnP\ndWgdU9rnIIvGGe/vP912f7AoPtWs1b8n6DYCJgGRXvaRfPoHFUlXaRoVB6vJlMVs\nJXyMrw/RSDfYEgJdNbFOSxyJXHUkTkt4+aNW4KcoMR6raI/W5zKDyMEICw1wpkwP\nid6Dz4e6ncf+cfvAFqXpk02OC7iJqn71IJN2MvU/hC7797l++PINIoOHwJZolt+T\nxL3wV8p3Lk8K6lZx3Q9Tu6Dd7GYkxtjLCgV1NgdHOwPKDUOJ47oG6RjZAd6hpicp\nRqYXbk5bJpd3nZv+X6FrCZqGfeuwREWW7FJ0dI+/8ohlnisTz16f48W9FtuN3HIj\nbmxFJ46P4LGxrizwDSdBngxf3Utkh+7hGLuMH51/jR8+tCqDIEgpKBA+2F+IOmyP\nXtT4lS60xKz63YSg79dd\n=LvMt\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2011-3064"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001974"
      },
      {
        "db": "BID",
        "id": "52762"
      },
      {
        "db": "VULHUB",
        "id": "VHN-51009"
      },
      {
        "db": "PACKETSTORM",
        "id": "117673"
      },
      {
        "db": "PACKETSTORM",
        "id": "115018"
      },
      {
        "db": "PACKETSTORM",
        "id": "116534"
      },
      {
        "db": "PACKETSTORM",
        "id": "111455"
      },
      {
        "db": "PACKETSTORM",
        "id": "116791"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2011-3064",
        "trust": 3.3
      },
      {
        "db": "BID",
        "id": "52762",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "48691",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "48618",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "48763",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "80742",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1026877",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001974",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-582",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-51009",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "117673",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "115018",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "116534",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "111455",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "116791",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-51009"
      },
      {
        "db": "BID",
        "id": "52762"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001974"
      },
      {
        "db": "PACKETSTORM",
        "id": "117673"
      },
      {
        "db": "PACKETSTORM",
        "id": "115018"
      },
      {
        "db": "PACKETSTORM",
        "id": "116534"
      },
      {
        "db": "PACKETSTORM",
        "id": "111455"
      },
      {
        "db": "PACKETSTORM",
        "id": "116791"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-582"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3064"
      }
    ]
  },
  "id": "VAR-201203-0185",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-51009"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-29T22:13:55.868000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT5400",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT5400"
      },
      {
        "title": "HT5503",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT5503"
      },
      {
        "title": "HT5485",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT5485"
      },
      {
        "title": "HT5400",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT5400?viewlocale=ja_JP"
      },
      {
        "title": "HT5503",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT5503?viewlocale=ja_JP"
      },
      {
        "title": "HT5485",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/HT5485?viewlocale=ja_JP"
      },
      {
        "title": "Stable Channel Release and Beta Channel Update",
        "trust": 0.8,
        "url": "http://googlechromereleases.blogspot.jp/2012/03/stable-channel-release-and-beta-channel.html"
      },
      {
        "title": "Google Chrome",
        "trust": 0.8,
        "url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja"
      },
      {
        "title": "Google Chrome Remediation measures for denial of service vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=114593"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001974"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-582"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-416",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-399",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-51009"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001974"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3064"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2012/jul/msg00000.html"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2012/sep/msg00001.html"
      },
      {
        "trust": 1.7,
        "url": "http://lists.apple.com/archives/security-announce/2012/sep/msg00003.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/52762"
      },
      {
        "trust": 1.7,
        "url": "http://code.google.com/p/chromium/issues/detail?id=117471"
      },
      {
        "trust": 1.7,
        "url": "http://support.apple.com/kb/ht5400"
      },
      {
        "trust": 1.7,
        "url": "http://support.apple.com/kb/ht5485"
      },
      {
        "trust": 1.7,
        "url": "http://support.apple.com/kb/ht5503"
      },
      {
        "trust": 1.7,
        "url": "http://osvdb.org/80742"
      },
      {
        "trust": 1.7,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14755"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id?1026877"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/48618"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/48691"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/48763"
      },
      {
        "trust": 0.9,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3064"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3064"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu624491/"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu864819/"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3059"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3060"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3064"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3038"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3043"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3044"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3053"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3042"
      },
      {
        "trust": 0.3,
        "url": "http://www.google.com/chrome"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3067"
      },
      {
        "trust": 0.3,
        "url": "http://support.apple.com/kb/ht1222"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3035"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3027"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3050"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3016"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3036"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3041"
      },
      {
        "trust": 0.3,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3021"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3032"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3040"
      },
      {
        "trust": 0.3,
        "url": "http://gpgtools.org"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3037"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3034"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3039"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3076"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3074"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2845"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3075"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3071"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3068"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3069"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3073"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3625"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3051"
      },
      {
        "trust": 0.1,
        "url": "http://www.ubuntu.com/usn/usn-1617-1"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3628"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3598"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3031"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3645"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3090"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/bugs/1058339"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3626"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1521"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3086"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3611"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3604"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3601"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3081"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3652"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3617"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/webkit/1.8.3-0ubuntu0.12.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3627"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3612"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3078"
      },
      {
        "trust": 0.1,
        "url": "http://www.apple.com/itunes/download/"
      },
      {
        "trust": 0.1,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3058"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3065"
      },
      {
        "trust": 0.1,
        "url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-a="
      },
      {
        "trust": 0.1,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3059"
      },
      {
        "trust": 0.1,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3062"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3063"
      },
      {
        "trust": 0.1,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3063"
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3061"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/glsa/glsa-201203-24.xml"
      },
      {
        "trust": 0.1,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3060"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3058"
      },
      {
        "trust": 0.1,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3057"
      },
      {
        "trust": 0.1,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3065"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3062"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3061"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3057"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/itunes/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3048"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1167"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2834"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1944"
      },
      {
        "trust": 0.1,
        "url": "http://www.freetype.org/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3026"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2821"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-51009"
      },
      {
        "db": "BID",
        "id": "52762"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001974"
      },
      {
        "db": "PACKETSTORM",
        "id": "117673"
      },
      {
        "db": "PACKETSTORM",
        "id": "115018"
      },
      {
        "db": "PACKETSTORM",
        "id": "116534"
      },
      {
        "db": "PACKETSTORM",
        "id": "111455"
      },
      {
        "db": "PACKETSTORM",
        "id": "116791"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-582"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3064"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-51009"
      },
      {
        "db": "BID",
        "id": "52762"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001974"
      },
      {
        "db": "PACKETSTORM",
        "id": "117673"
      },
      {
        "db": "PACKETSTORM",
        "id": "115018"
      },
      {
        "db": "PACKETSTORM",
        "id": "116534"
      },
      {
        "db": "PACKETSTORM",
        "id": "111455"
      },
      {
        "db": "PACKETSTORM",
        "id": "116791"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-582"
      },
      {
        "db": "NVD",
        "id": "CVE-2011-3064"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-03-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-51009"
      },
      {
        "date": "2012-03-28T00:00:00",
        "db": "BID",
        "id": "52762"
      },
      {
        "date": "2012-04-04T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001974"
      },
      {
        "date": "2012-10-25T20:48:27",
        "db": "PACKETSTORM",
        "id": "117673"
      },
      {
        "date": "2012-07-25T23:01:01",
        "db": "PACKETSTORM",
        "id": "115018"
      },
      {
        "date": "2012-09-14T02:13:11",
        "db": "PACKETSTORM",
        "id": "116534"
      },
      {
        "date": "2012-04-01T17:52:05",
        "db": "PACKETSTORM",
        "id": "111455"
      },
      {
        "date": "2012-09-22T06:24:25",
        "db": "PACKETSTORM",
        "id": "116791"
      },
      {
        "date": "2012-03-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201203-582"
      },
      {
        "date": "2012-03-30T22:55:01.730000",
        "db": "NVD",
        "id": "CVE-2011-3064"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-04-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-51009"
      },
      {
        "date": "2015-03-19T09:18:00",
        "db": "BID",
        "id": "52762"
      },
      {
        "date": "2013-04-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001974"
      },
      {
        "date": "2020-04-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201203-582"
      },
      {
        "date": "2024-11-21T01:29:38.127000",
        "db": "NVD",
        "id": "CVE-2011-3064"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "117673"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-582"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Used in multiple products  Webkit Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001974"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-582"
      }
    ],
    "trust": 0.6
  }
}

ghsa-fc76-wjg5-5742

Vulnerability from github

Published

2022-05-13 01:27

Modified

2022-05-13 01:27

Details

Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-3064"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-03-30T22:55:00Z",
    "severity": "HIGH"
  },
  "details": "Use-after-free vulnerability in Google Chrome before 18.0.1025.142 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to SVG clipping.",
  "id": "GHSA-fc76-wjg5-5742",
  "modified": "2022-05-13T01:27:21Z",
  "published": "2022-05-13T01:27:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-3064"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14755"
    },
    {
      "type": "WEB",
      "url": "http://code.google.com/p/chromium/issues/detail?id=117471"
    },
    {
      "type": "WEB",
      "url": "http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80742"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/48618"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/48691"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/48763"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5400"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5485"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT5503"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/52762"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1026877"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2011-3064

Vulnerability from cvelistv5

gsd-2011-3064

Vulnerability from gsd

var-201203-0185

Vulnerability from variot

webkit vulnerabilities

Synopsis

Background

Affected packages

Description

Impact

Workaround

Resolution

References

Availability

Concerns?

License

ghsa-fc76-wjg5-5742

Vulnerability from github

Tags

Sightings

Nomenclature