fkie_cve-2011-3238
Vulnerability from fkie_nvd
Published
2011-10-12 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3945FBC4-84DB-4121-982A-9B39EB860E03",
"versionEndIncluding": "10.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5CBD58D1-C40D-4F6D-816F-A3842897EB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C910CA4-5EA5-4507-BDE9-3E6C1434B666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0415D4B8-0281-4ED5-B3A1-A97BDD0F8D36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B4195D-1550-42D1-B562-0E438F7ACC2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1206A192-A22C-4C55-A323-1D28D89BED21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52E156DE-12B4-4E7A-B8C4-C2FC0AC2B2C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93748DFC-6003-4BED-87F9-98713F6897EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB9D7E1-B715-4A93-9CDB-99A89C7D85B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A8873F1-4792-41A1-83B5-B85C9F4A7D56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB84AFE4-2694-475A-80D3-4D50C524EE18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:4.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB20AA2E-5DF0-420C-A1FE-BB6EBA9649FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8343D87F-FA37-4225-B27D-BCCDD2433C31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B591AE1E-02DB-462A-B71F-48947525D232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34B5892B-0377-4D81-9E0E-94B8D8CE72C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2276BED4-82F0-4F62-AA6F-7E1667F28E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45D47548-1C4D-4368-99D1-929905DD6B3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "28AE8D2D-63CA-4091-9D59-CE919EB1FD75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC9E22D2-551A-4CDF-B9F0-C45A3A2B7695",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D62A1C5D-C25E-4E56-8FD0-F90C8E39C7F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "582D1FE8-C4E8-4385-B4EB-34320F019E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF61CE34-5130-4B1A-B7A2-B28C1A18B9BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEE6DEC-9B26-47F4-A2CF-CA49981C8864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2223B8E2-346A-4C37-9F6C-879F9CA64C06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "93E5227C-0621-43EE-A0F2-4B4545D71852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB69B123-7A09-4855-9846-E8ACACB3C6F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0CC53F2-3827-4CA3-8726-C481B57B4AB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C1AFF8F-BBCA-4C93-A401-F8B478327BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0BA3571F-9221-45CD-9798-CC72CA428D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "017E5A35-D778-46FD-A536-E57A13162675",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6122C685-4F02-476F-9A41-9C62D3D92651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "17D37426-00A0-40E5-A27A-CF31D8CBAEEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3E11CADC-AFCC-4A98-9271-C35BC9752B40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3856A348-A0D6-4A0A-A8C9-D369CC863A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "670656BF-2BE2-41ED-854A-466DC4068FBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE7F79F-54F5-4315-98BD-414CA2D1C51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBBF2E9F-0F37-4DDA-9704-B31D94745257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1143A4DE-F75B-4396-9D01-CE14EF8FCB39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:7.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BDF87AB4-B3F3-4774-8CE3-A2B46C3D8DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A02D076B-5900-401D-9B47-5136B9CEAA15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7E479501-8832-41B0-A63C-360AE5A1B420",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E41B2E2A-CE22-49FD-9558-0E6C87F53425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1950796-DA96-4443-85F4-91FE38A26612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5EBED9A-DCF4-47FE-9A6D-4573594AA645",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7EA3F3-576C-4661-B35F-EC34CE363125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6775CF5C-2083-4622-9D9B-DF7AB4F07422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4C84CFAD-5D0F-4BBE-A603-D7A2E8BFB28F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C3A6055-2626-4A6E-9596-9974E7437FB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "00AF4F28-A71C-4CB3-8F5F-C15500332954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B5817849-ADD0-4905-87D5-4D61DB635747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "96E90253-3F7D-4361-819B-5D49657F4472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "84336EBA-5EC0-4C49-B1B9-9DAB23D5C3C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4CDE68E5-744B-4E18-BB74-83D7185E6A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2375C00-64ED-4027-810F-BA9E561385D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9C720899-5ED4-4B7F-B90F-043DE7D91C44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A1CA3CEB-11D9-4B24-82A1-D7EE77C2E7B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:10.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF65883-4445-4436-98C5-35D9D2E1907B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:itunes:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CCD602-FC35-4FD5-B976-4B585C5AA254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1."
},
{
"lang": "es",
"value": "WebKit, tal como se usa en Apple iTunes en versiones anteriores a 10.5, permite a atacantes \"man-in-the-middle\" ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de vectores relacionados con la navegaci\u00f3n del iTunes Store. Una vulnerabilidad distinta a las de otros CVEs listados en APPLE-SA-2011-10-11-1."
}
],
"id": "CVE-2011-3238",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-10-12T18:55:02.033",
"references": [
{
"source": "product-security@apple.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html"
},
{
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html"
},
{
"source": "product-security@apple.com",
"url": "http://osvdb.org/76384"
},
{
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4981"
},
{
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT5000"
},
{
"source": "product-security@apple.com",
"url": "http://www.securityfocus.com/bid/50066"
},
{
"source": "product-security@apple.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70515"
},
{
"source": "product-security@apple.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17212"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/76384"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT4981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://support.apple.com/kb/HT5000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70515"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17212"
}
],
"sourceIdentifier": "product-security@apple.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…