var-201103-0265
Vulnerability from variot
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. WebKit is prone to an unspecified memory-corruption vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into visiting a malicious webpage with a vulnerable application. Very few technical details are currently available. We will update this BID when more information emerges. Successful exploits will allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible. NOTE: This issue was previously discussed in BID 46654 (WebKit Multiple Memory Corruption Vulnerabilities) but has been given its own record to better document it. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. A vulnerability exists in WebKit used in versions prior to 10.2 of Apple iTunes on Windows-based platforms. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6
Safari 5.1 and Safari 5.0.6 are now available and address the following:
CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: In certain situations, Safari may treat a file as HTML, even if it is served with the 'text/plain' content type. This may lead to a cross-site scripting attack on sites that allow untrusted users to post text files. This issue is addressed through improved handling of 'text/plain' content. CVE-ID CVE-2010-1420 : Hidetake Jo working with Microsoft Vulnerability Research (MSVR), Neal Poole of Matasano Security
CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: Authenticating to a maliciously crafted website may lead to arbitrary code execution Description: The NTLM authentication protocol is susceptible to a replay attack referred to as credential reflection. Authenticating to a maliciously crafted website may lead to arbitrary code execution. To mitigate this issue, Safari has been updated to utilize protection mechanisms recently added to Windows. This issue does not affect Mac OS X systems. CVE-ID CVE-2010-1383 : Takehiro Takahashi of IBM X-Force Research
CFNetwork Available for: Windows 7, Vista, XP SP2 or later Impact: A root certificate that is disabled may still be trusted Description: CFNetwork did not properly validate that a certificate was trusted for use by a SSL server. As a result, if the user had marked a system root certificate as not trusted, Safari would still accept certificates signed by that root. This issue is addressed through improved certificate validation. This issue does not affect Mac OS X systems. CVE-ID CVE-2011-0214 : An anonymous reporter
ColorSync Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow existed in the handling of images with an embedded ColorSync profile, which may lead to a heap buffer overflow. Opening a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0200 : binaryproof working with TippingPoint's Zero Day Initiative
CoreFoundation Available for: Windows 7, Vista, XP SP2 or later Impact: Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution Description: An off-by-one buffer overflow issue existed in the handling of CFStrings. Applications that use the CoreFoundation framework may be vulnerable to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. CVE-ID CVE-2011-0201 : Harry Sintonen
CoreGraphics Available for: Windows 7, Vista, XP SP2 or later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: An integer overflow issue existed in the handling of Type 1 fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert of the Google Security Team
International Components for Unicode Available for: Windows 7, Vista, XP SP2 or later Impact: Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution Description: A buffer overflow issue existed in ICU's handling of uppercase strings. Applications that use ICU may be vulnerable to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. CVE-ID CVE-2011-0206 : David Bienvenu of Mozilla
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0204 : Dominic Chell of NGS Secure
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of CCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A reentrancy issue existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. This issue does not affect Mac OS X systems. CVE-ID CVE-2011-0215 : Juan Pablo Lopez Yacubian working with iDefense VCP
ImageIO Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in ImageIO's handling of TIFF images. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0204 : Dominic Chell of NGS Secure
libxslt Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap Description: libxslt's implementation of the generate-id() XPath function disclosed the address of a heap buffer. Visiting a maliciously crafted website may lead to the disclosure of addresses on the heap. This issue is addressed by generating an ID based on the difference between the addresses of two heap buffers. For Mac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in Security Update 2011-004. CVE-ID CVE-2011-0195 : Chris Evans of the Google Chrome Security Team
libxml Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A one-byte heap buffer overflow existed in libxml's handling of XML data. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-0216 : Billy Rios of the Google Security Team
Safari Available for: Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: If the "AutoFill web forms" feature is enabled, visiting a maliciously crafted website and typing may lead to the disclosure of information from the user's Address Book Description: Safari's "AutoFill web forms" feature filled in non- visible form fields, and the information was accessible by scripts on the site before the user submitted the form. This issue is addressed by displaying all fields that will be filled, and requiring the user's consent before AutoFill information is available to the form. CVE-ID CVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, [Jeremiah Grossman]
Safari Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: With a certain Java configuration, visiting a malicious website may lead to unexpected text being displayed on other sites Description: A cross origin issue existed in the handling of Java Applets. This applies when Java is enabled in Safari, and Java is configured to run within the browser process. Fonts loaded by a Java applet could affect the display of text content from other sites. This issue is addressed by running Java applets in a separate process. CVE-ID CVE-2011-0219 : Joshua Smith of Kaon Interactive
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2010-1823 : David Weston of Microsoft and Microsoft Vulnerability Research (MSVR), wushi of team509, and Yong Li of Research In Motion Ltd CVE-2011-0164 : Apple CVE-2011-0218 : SkyLined of Google Chrome Security Team CVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS Research Team, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0223 : Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP CVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0232 : J23 working with TippingPoint's Zero Day Initiative CVE-2011-0233 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-0234 : Rob King working with TippingPoint's Zero Day Initiative, wushi of team509 working with TippingPoint's Zero Day Initiative, wushi of team509 working with iDefense VCP CVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0237 : wushi of team509 working with iDefense VCP CVE-2011-0238 : Adam Barth of Google Chrome Security Team CVE-2011-0240 : wushi of team509 working with iDefense VCP CVE-2011-0253 : Richard Keen CVE-2011-0254 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0255 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc CVE-2011-0983 : Martin Barbella CVE-2011-1109 : Sergey Glazunov CVE-2011-1114 : Martin Barbella CVE-2011-1115 : Martin Barbella CVE-2011-1117 : wushi of team509 CVE-2011-1121 : miaubiz CVE-2011-1188 : Martin Barbella CVE-2011-1203 : Sergey Glazunov CVE-2011-1204 : Sergey Glazunov CVE-2011-1288 : Andreas Kling of Nokia CVE-2011-1293 : Sergey Glazunov CVE-2011-1296 : Sergey Glazunov CVE-2011-1449 : Marek Majkowski, wushi of team 509 working with iDefense VCP CVE-2011-1451 : Sergey Glazunov CVE-2011-1453 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-1457 : John Knottenbelt of Google CVE-2011-1462 : wushi of team509 CVE-2011-1797 : wushi of team509
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A configuration issue existed in WebKit's use of libxslt. Visiting a maliciously crafted website may lead to arbitrary files being created with the privileges of the user, which may lead to arbitrary code execution. This issue is addressed through improved libxslt security settings. CVE-ID CVE-2011-1774 : Nicolas Gregoire of Agarri
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an information disclosure Description: A cross-origin issue existed in the handling of Web Workers. Visiting a maliciously crafted website may lead to an information disclosure. CVE-ID CVE-2011-1190 : Daniel Divricean of divricean.ro
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of URLs with an embedded username. Visiting a maliciously crafted website may lead to a cross-site scripting attack. This issue is addressed through improved handling of URLs with an embedded username. CVE-ID CVE-2011-0242 : Jobert Abma of Online24
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of DOM nodes. Visiting a maliciously crafted website may lead to a cross- site scripting attack. CVE-ID CVE-2011-1295 : Sergey Glazunov
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: A maliciously crafted website may be able to cause a different URL to be shown in the address bar Description: A URL spoofing issue existed in the handling of the DOM history object. A maliciously crafted website may have been able to cause a different URL to be shown in the address bar. CVE-ID CVE-2011-1107 : Jordi Chancel
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to an information disclosure Description: A canonicalization issue existed in the handling of URLs. Subscribing to a maliciously crafted RSS feed and clicking on a link within it may lead to arbitrary files being sent from the user's system to a remote server. This update addresses the issue through improved handling of URLs. CVE-ID CVE-2011-0244 : Jason Hullinger
WebKit Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later Impact: Applications that use WebKit, such as mail clients, may connect to an arbitrary DNS server upon processing HTML content Description: DNS prefetching was enabled by default in WebKit. Applications that use WebKit, such a s mail clients, may connect to an arbitrary DNS server upon processing HTML content. This update addresses the issue by requiring applications to opt in to DNS prefetching. CVE-ID CVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd.
Note: Safari 5.1 is included with OS X Lion.
Safari 5.1 and Safari 5.0.6 address the same set of security issues. Safari 5.1 is provided for Mac OS X v10.6, and Windows systems. Safari 5.0.6 is provided for Mac OS X v10.5 systems.
Safari 5.1 is available via the Apple Software Update application, or Apple's Safari download site at: http://www.apple.com/safari/download/
Safari 5.0.6 is available via the Apple Software Update application, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Safari for Mac OS X v10.6.8 and later The download file is named: Safari5.1SnowLeopard.dmg Its SHA-1 digest is: 2c3cef8e06c5aa586379b1a5fd5cf7b54e8acc24
Safari for Mac OS X v10.5.8 The download file is named: Safari5.0.6Leopard.dmg Its SHA-1 digest is: ea970375d2116a7b74094a2a7669bebc306b6e6f
Safari for Windows 7, Vista or XP The download file is named: SafariSetup.exe Its SHA-1 digest is: d00b791c694b1ecfc22d6a1ec9aa21cc14fd8e36
Safari for Windows 7, Vista or XP from the Microsoft Choice Screen The download file is named: Safari_Setup.exe Its SHA-1 digest is: ccb3bb6b06468a430171d9f62708a1a6d917f45b
Safari+QuickTime for Windows 7, Vista or XP The file is named: SafariQuickTimeSetup.exe Its SHA-1 digest is: 1273e0ee742a294d65e4f25a9b3e36f79fb517c9
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin)
iQEcBAEBAgAGBQJOJI45AAoJEGnF2JsdZQeezHQIALKZms5tzYgYxUSdxmo+DmYw up9gAmEVcltZvCeVS1lUxfjqnRiGRSWyuou8Ynt9PfGQCz9GfLvzlrCHc5rsnKaD MeYY1IH7lQc6aqmV0hwb4nUL5qJntP6G5Ai0E/0UiRQNC/ummS+qnmdsiFo78ODY nKaB5cAWhqGHgOAPnUG0JwmxpYgR2HEtGYJSqlYykMwt1vnlAr5hHVNaUJcJ3Hlb vesN6fB7zQMiJVo8+iJBixCvIYlbII5HnVAmD1ToyKgENg4Iguo46YBMVr8DPgF/ KD2s0+VF/O4utYVX0GiRGReVyq1PMvz/HI23ym8U3LjbezXD/AALQET0Q2hUEYQ= =fOfF -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201103-0265", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "itunes", "scope": "eq", "trust": 1.9, "vendor": "apple", "version": "9.2.1" }, { "model": "itunes", "scope": "eq", "trust": 1.9, "vendor": "apple", "version": "9.0.2" }, { "model": "itunes", "scope": "eq", "trust": 1.9, "vendor": "apple", "version": "9.2" }, { "model": "itunes", "scope": "eq", "trust": 1.9, "vendor": "apple", "version": "10.1" }, { "model": "itunes", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "10.0.1" }, { "model": "itunes", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "10.1.1" }, { "model": "itunes", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "10.0" }, { "model": "itunes", "scope": "eq", "trust": 1.6, "vendor": "apple", "version": "9.0.3" }, { "model": "itunes", "scope": "eq", "trust": 1.3, "vendor": "apple", "version": "9.0.1" }, { "model": "itunes", "scope": "eq", "trust": 1.3, "vendor": "apple", "version": "8.2" }, { "model": "itunes", "scope": "eq", "trust": 1.3, "vendor": "apple", "version": "8.1" }, { "model": "itunes", "scope": "eq", "trust": 1.1, "vendor": "apple", "version": "10" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "4.6" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.4" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "8.0.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "8.0.1" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.0.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.0.1" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.0.3" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "4.5" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "4.6.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.3.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.6.2" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.0.4.2" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "4.7" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.7.1" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.4.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.2.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.0.2" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.4.2" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.5" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.6" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.7" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "8.2.1" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "5.0.1" }, { "model": "itunes", "scope": "lte", "trust": 1.0, "vendor": "apple", "version": "10.1.2" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.7.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.4.1" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.0.1" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.1.1" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.1.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.0.5" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.0.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "4.7.2" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "8.0.2" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "9.0.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.6.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "5.0.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.5.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "4.0.1" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "8.1.1" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.3.2" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.3.1" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "4.5.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.4.3" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "4.7.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "4.1.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "4.9.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "4.8.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.6.1" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "5.0" }, { "model": "webkit", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "*" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "6.0.4" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "4.7.1" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "4.0.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "4.2.0" }, { "model": "itunes", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "7.0.2" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.5.8" }, { "model": "mac os x server", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.5.8" }, { "model": "safari", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "5" }, { "model": "webkit", "scope": null, "trust": 0.6, "vendor": "apple", "version": null }, { "model": "itunes", "scope": "eq", "trust": 0.6, "vendor": "apple", "version": "10.1.2" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "1.2.5" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "1.2.3" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "1.2.2" }, { "model": "open source project webkit r77705", "scope": null, "trust": 0.3, "vendor": "webkit", "version": null }, { "model": "open source project webkit r52833", "scope": null, "trust": 0.3, "vendor": "webkit", "version": null }, { "model": "open source project webkit r52401", "scope": null, "trust": 0.3, "vendor": "webkit", "version": null }, { "model": "open source project webkit r51295", "scope": null, "trust": 0.3, "vendor": "webkit", "version": null }, { "model": "open source project webkit r38566", "scope": null, "trust": 0.3, "vendor": "webkit", "version": null }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "1.2.x" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "1.2.2-1" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "0" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.5" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.5" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.4" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.4" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.3" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.3" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.2" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.2" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.0.1.8" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.0" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.1" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "8.0.2.20" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "8.0" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.2.2" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.2" }, { "model": "safari", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "5.0.6" }, { "model": "safari for windows", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "safari", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "safari for windows", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "5.0.6" }, { "model": "itunes", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "10.5" }, { "model": "itunes", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "10.2" } ], "sources": [ { "db": "BID", "id": "46703" }, { "db": "JVNDB", "id": "JVNDB-2011-001347" }, { "db": "CNNVD", "id": "CNNVD-201103-107" }, { "db": "NVD", "id": "CVE-2011-0164" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:apple:mac_os_x", "vulnerable": true }, { "cpe22Uri": "cpe:/o:apple:mac_os_x_server", "vulnerable": true }, { "cpe22Uri": "cpe:/a:apple:itunes", "vulnerable": true }, { "cpe22Uri": "cpe:/a:apple:safari", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-001347" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apple", "sources": [ { "db": "BID", "id": "46703" }, { "db": "PACKETSTORM", "id": "103216" }, { "db": "PACKETSTORM", "id": "105708" } ], "trust": 0.5 }, "cve": "CVE-2011-0164", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 4.9, "id": "CVE-2011-0164", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 4.9, "id": "VHN-48109", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:H/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2011-0164", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2011-0164", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-201103-107", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-48109", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-48109" }, { "db": "JVNDB", "id": "JVNDB-2011-001347" }, { "db": "CNNVD", "id": "CNNVD-201103-107" }, { "db": "NVD", "id": "CVE-2011-0164" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. WebKit is prone to an unspecified memory-corruption vulnerability. \nAn attacker can exploit this issue by enticing an unsuspecting user into visiting a malicious webpage with a vulnerable application. \nVery few technical details are currently available. We will update this BID when more information emerges. \nSuccessful exploits will allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible. \nNOTE: This issue was previously discussed in BID 46654 (WebKit Multiple Memory Corruption Vulnerabilities) but has been given its own record to better document it. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. A vulnerability exists in WebKit used in versions prior to 10.2 of Apple iTunes on Windows-based platforms. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6\n\nSafari 5.1 and Safari 5.0.6 are now available and address the\nfollowing:\n\nCFNetwork\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: In certain situations, Safari may treat a file as HTML,\neven if it is served with the \u0027text/plain\u0027 content type. This may\nlead to a cross-site scripting attack on sites that allow untrusted\nusers to post text files. This issue is addressed through improved\nhandling of \u0027text/plain\u0027 content. \nCVE-ID\nCVE-2010-1420 : Hidetake Jo working with Microsoft Vulnerability\nResearch (MSVR), Neal Poole of Matasano Security\n\nCFNetwork\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Authenticating to a maliciously crafted website may lead to\narbitrary code execution\nDescription: The NTLM authentication protocol is susceptible to a\nreplay attack referred to as credential reflection. Authenticating to\na maliciously crafted website may lead to arbitrary code execution. \nTo mitigate this issue, Safari has been updated to utilize protection\nmechanisms recently added to Windows. This issue does not affect Mac\nOS X systems. \nCVE-ID\nCVE-2010-1383 : Takehiro Takahashi of IBM X-Force Research\n\nCFNetwork\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: A root certificate that is disabled may still be trusted\nDescription: CFNetwork did not properly validate that a certificate\nwas trusted for use by a SSL server. As a result, if the user had\nmarked a system root certificate as not trusted, Safari would still\naccept certificates signed by that root. This issue is addressed\nthrough improved certificate validation. This issue does not affect\nMac OS X systems. \nCVE-ID\nCVE-2011-0214 : An anonymous reporter\n\nColorSync\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted image with an embedded\nColorSync profile may lead to an unexpected application termination\nor arbitrary code execution\nDescription: An integer overflow existed in the handling of images\nwith an embedded ColorSync profile, which may lead to a heap buffer\noverflow. Opening a maliciously crafted image with an embedded\nColorSync profile may lead to an unexpected application termination\nor arbitrary code execution. For Mac OS X v10.5 systems, this issue\nis addressed in Security Update 2011-004. \nCVE-ID\nCVE-2011-0200 : binaryproof working with TippingPoint\u0027s Zero Day\nInitiative\n\nCoreFoundation\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Applications that use the CoreFoundation framework may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription: An off-by-one buffer overflow issue existed in the\nhandling of CFStrings. Applications that use the CoreFoundation\nframework may be vulnerable to an unexpected application termination\nor arbitrary code execution. For Mac OS X v10.6 systems, this issue\nis addressed in Mac OS X v10.6.8. \nCVE-ID\nCVE-2011-0201 : Harry Sintonen\n\nCoreGraphics\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Opening a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An integer overflow issue existed in the handling of\nType 1 fonts. Viewing or downloading a document containing a\nmaliciously crafted embedded font may lead to arbitrary code\nexecution. For Mac OS X v10.6 systems, this issue is addressed in Mac\nOS X v10.6.8. For Mac OS X v10.5 systems, this issue is addressed in\nSecurity Update 2011-004. \nCVE-ID\nCVE-2011-0202 : Cristian Draghici of Modulo Consulting, Felix Grobert\nof the Google Security Team\n\nInternational Components for Unicode\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Applications that use ICU may be vulnerable to an unexpected\napplication termination or arbitrary code execution\nDescription: A buffer overflow issue existed in ICU\u0027s handling of\nuppercase strings. Applications that use ICU may be vulnerable to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nCVE-ID\nCVE-2011-0206 : David Bienvenu of Mozilla\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in ImageIO\u0027s handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nFor Mac OS X v10.5 systems, this issue is addressed in Security\nUpdate 2011-004. \nCVE-ID\nCVE-2011-0204 : Dominic Chell of NGS Secure\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in ImageIO\u0027s handling of\nCCITT Group 4 encoded TIFF images. Viewing a maliciously crafted TIFF\nimage may lead to an unexpected application termination or arbitrary\ncode execution. \nCVE-ID\nCVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A reentrancy issue existed in ImageIO\u0027s handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. This\nissue does not affect Mac OS X systems. \nCVE-ID\nCVE-2011-0215 : Juan Pablo Lopez Yacubian working with iDefense VCP\n\nImageIO\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in ImageIO\u0027s handling of\nTIFF images. Viewing a maliciously crafted TIFF image may lead to an\nunexpected application termination or arbitrary code execution. For\nMac OS X v10.6 systems, this issue is addressed in Mac OS X v10.6.8. \nFor Mac OS X v10.5 systems, this issue is addressed in Security\nUpdate 2011-004. \nCVE-ID\nCVE-2011-0204 : Dominic Chell of NGS Secure\n\nlibxslt\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of addresses on the heap\nDescription: libxslt\u0027s implementation of the generate-id() XPath\nfunction disclosed the address of a heap buffer. Visiting a\nmaliciously crafted website may lead to the disclosure of addresses\non the heap. This issue is addressed by generating an ID based on the\ndifference between the addresses of two heap buffers. For Mac OS X\nv10.6 systems, this issue is addressed in Mac OS X v10.6.8. For Mac\nOS X v10.5 systems, this issue is addressed in Security Update\n2011-004. \nCVE-ID\nCVE-2011-0195 : Chris Evans of the Google Chrome Security Team\n\nlibxml\nAvailable for: Windows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A one-byte heap buffer overflow existed in libxml\u0027s\nhandling of XML data. Visiting a maliciously crafted website may lead\nto an unexpected application termination or arbitrary code execution. \nCVE-ID\nCVE-2011-0216 : Billy Rios of the Google Security Team\n\nSafari\nAvailable for: Mac OS X v10.6.8 or later,\nMac OS X Server v10.6.8 or later, Windows 7, Vista, XP SP2 or later\nImpact: If the \"AutoFill web forms\" feature is enabled, visiting a\nmaliciously crafted website and typing may lead to the disclosure of\ninformation from the user\u0027s Address Book\nDescription: Safari\u0027s \"AutoFill web forms\" feature filled in non-\nvisible form fields, and the information was accessible by scripts on\nthe site before the user submitted the form. This issue is addressed\nby displaying all fields that will be filled, and requiring the\nuser\u0027s consent before AutoFill information is available to the form. \nCVE-ID\nCVE-2011-0217 : Florian Rienhardt of BSI, Alex Lambert, [Jeremiah\nGrossman]\n\nSafari\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: With a certain Java configuration, visiting a malicious\nwebsite may lead to unexpected text being displayed on other sites\nDescription: A cross origin issue existed in the handling of Java\nApplets. This applies when Java is enabled in Safari, and Java is\nconfigured to run within the browser process. Fonts loaded by a Java\napplet could affect the display of text content from other sites. \nThis issue is addressed by running Java applets in a separate\nprocess. \nCVE-ID\nCVE-2011-0219 : Joshua Smith of Kaon Interactive\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nVisiting a maliciously crafted website may lead to an unexpected\napplication termination or arbitrary code execution. \nCVE-ID\nCVE-2010-1823 : David Weston of Microsoft and Microsoft Vulnerability\nResearch (MSVR), wushi of team509, and Yong Li of Research In Motion\nLtd\nCVE-2011-0164 : Apple\nCVE-2011-0218 : SkyLined of Google Chrome Security Team\nCVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS\nResearch Team, and Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0223 : Jose A. Vazquez of spa-s3c.blogspot.com working with\niDefense VCP\nCVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0232 : J23 working with TippingPoint\u0027s Zero Day Initiative\nCVE-2011-0233 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-0234 : Rob King working with TippingPoint\u0027s Zero Day\nInitiative, wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative, wushi of team509 working with iDefense VCP\nCVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0237 : wushi of team509 working with iDefense VCP\nCVE-2011-0238 : Adam Barth of Google Chrome Security Team\nCVE-2011-0240 : wushi of team509 working with iDefense VCP\nCVE-2011-0253 : Richard Keen\nCVE-2011-0254 : An anonymous researcher working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0255 : An anonymous researcher working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc\nCVE-2011-0983 : Martin Barbella\nCVE-2011-1109 : Sergey Glazunov\nCVE-2011-1114 : Martin Barbella\nCVE-2011-1115 : Martin Barbella\nCVE-2011-1117 : wushi of team509\nCVE-2011-1121 : miaubiz\nCVE-2011-1188 : Martin Barbella\nCVE-2011-1203 : Sergey Glazunov\nCVE-2011-1204 : Sergey Glazunov\nCVE-2011-1288 : Andreas Kling of Nokia\nCVE-2011-1293 : Sergey Glazunov\nCVE-2011-1296 : Sergey Glazunov\nCVE-2011-1449 : Marek Majkowski, wushi of team 509 working with\niDefense VCP\nCVE-2011-1451 : Sergey Glazunov\nCVE-2011-1453 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-1457 : John Knottenbelt of Google\nCVE-2011-1462 : wushi of team509\nCVE-2011-1797 : wushi of team509\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to arbitrary\ncode execution\nDescription: A configuration issue existed in WebKit\u0027s use of\nlibxslt. Visiting a maliciously crafted website may lead to arbitrary\nfiles being created with the privileges of the user, which may lead\nto arbitrary code execution. This issue is addressed through improved\nlibxslt security settings. \nCVE-ID\nCVE-2011-1774 : Nicolas Gregoire of Agarri\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to an\ninformation disclosure\nDescription: A cross-origin issue existed in the handling of Web\nWorkers. Visiting a maliciously crafted website may lead to an\ninformation disclosure. \nCVE-ID\nCVE-2011-1190 : Daniel Divricean of divricean.ro\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-origin issue existed in the handling of URLs\nwith an embedded username. Visiting a maliciously crafted website may\nlead to a cross-site scripting attack. This issue is addressed\nthrough improved handling of URLs with an embedded username. \nCVE-ID\nCVE-2011-0242 : Jobert Abma of Online24\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-origin issue existed in the handling of DOM\nnodes. Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack. \nCVE-ID\nCVE-2011-1295 : Sergey Glazunov\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: A maliciously crafted website may be able to cause a\ndifferent URL to be shown in the address bar\nDescription: A URL spoofing issue existed in the handling of the DOM\nhistory object. A maliciously crafted website may have been able to\ncause a different URL to be shown in the address bar. \nCVE-ID\nCVE-2011-1107 : Jordi Chancel\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Subscribing to a maliciously crafted RSS feed and clicking\non a link within it may lead to an information disclosure\nDescription: A canonicalization issue existed in the handling of\nURLs. Subscribing to a maliciously crafted RSS feed and clicking on a\nlink within it may lead to arbitrary files being sent from the user\u0027s\nsystem to a remote server. This update addresses the issue through\nimproved handling of URLs. \nCVE-ID\nCVE-2011-0244 : Jason Hullinger\n\nWebKit\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\nMac OS X v10.6.8 or later, Mac OS X Server v10.6.8 or later,\nWindows 7, Vista, XP SP2 or later\nImpact: Applications that use WebKit, such as mail clients, may\nconnect to an arbitrary DNS server upon processing HTML content\nDescription: DNS prefetching was enabled by default in WebKit. \nApplications that use WebKit, such a s mail clients, may connect to\nan arbitrary DNS server upon processing HTML content. This update\naddresses the issue by requiring applications to opt in to DNS\nprefetching. \nCVE-ID\nCVE-2010-3829 : Mike Cardwell of Cardwell IT Ltd. \n\n\nNote: Safari 5.1 is included with OS X Lion. \n\n\nSafari 5.1 and Safari 5.0.6 address the same set of security\nissues. Safari 5.1 is provided for Mac OS X v10.6,\nand Windows systems. Safari 5.0.6 is provided for\nMac OS X v10.5 systems. \n\nSafari 5.1 is available via the Apple Software Update\napplication, or Apple\u0027s Safari download site at:\nhttp://www.apple.com/safari/download/\n\nSafari 5.0.6 is available via the Apple Software Update\napplication, or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nSafari for Mac OS X v10.6.8 and later\nThe download file is named: Safari5.1SnowLeopard.dmg\nIts SHA-1 digest is: 2c3cef8e06c5aa586379b1a5fd5cf7b54e8acc24\n\nSafari for Mac OS X v10.5.8\nThe download file is named: Safari5.0.6Leopard.dmg\nIts SHA-1 digest is: ea970375d2116a7b74094a2a7669bebc306b6e6f\n\nSafari for Windows 7, Vista or XP\nThe download file is named: SafariSetup.exe\nIts SHA-1 digest is: d00b791c694b1ecfc22d6a1ec9aa21cc14fd8e36\n\nSafari for Windows 7, Vista or XP from the Microsoft Choice Screen\nThe download file is named: Safari_Setup.exe\nIts SHA-1 digest is: ccb3bb6b06468a430171d9f62708a1a6d917f45b\n\nSafari+QuickTime for Windows 7, Vista or XP\nThe file is named: SafariQuickTimeSetup.exe\nIts SHA-1 digest is: 1273e0ee742a294d65e4f25a9b3e36f79fb517c9\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.9 (Darwin)\n\niQEcBAEBAgAGBQJOJI45AAoJEGnF2JsdZQeezHQIALKZms5tzYgYxUSdxmo+DmYw\nup9gAmEVcltZvCeVS1lUxfjqnRiGRSWyuou8Ynt9PfGQCz9GfLvzlrCHc5rsnKaD\nMeYY1IH7lQc6aqmV0hwb4nUL5qJntP6G5Ai0E/0UiRQNC/ummS+qnmdsiFo78ODY\nnKaB5cAWhqGHgOAPnUG0JwmxpYgR2HEtGYJSqlYykMwt1vnlAr5hHVNaUJcJ3Hlb\nvesN6fB7zQMiJVo8+iJBixCvIYlbII5HnVAmD1ToyKgENg4Iguo46YBMVr8DPgF/\nKD2s0+VF/O4utYVX0GiRGReVyq1PMvz/HI23ym8U3LjbezXD/AALQET0Q2hUEYQ=\n=fOfF\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2011-0164" }, { "db": "JVNDB", "id": "JVNDB-2011-001347" }, { "db": "BID", "id": "46703" }, { "db": "VULHUB", "id": "VHN-48109" }, { "db": "PACKETSTORM", "id": "103216" }, { "db": "PACKETSTORM", "id": "105708" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2011-0164", "trust": 3.0 }, { "db": "JVNDB", "id": "JVNDB-2011-001347", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201103-107", "trust": 0.7 }, { "db": "APPLE", "id": "APPLE-SA-2011-03-02-1", "trust": 0.6 }, { "db": "NSFOCUS", "id": "17909", "trust": 0.6 }, { "db": "BID", "id": "46703", "trust": 0.4 }, { "db": "VULHUB", "id": "VHN-48109", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "103216", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "105708", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-48109" }, { "db": "BID", "id": "46703" }, { "db": "JVNDB", "id": "JVNDB-2011-001347" }, { "db": "PACKETSTORM", "id": "103216" }, { "db": "PACKETSTORM", "id": "105708" }, { "db": "CNNVD", "id": "CNNVD-201103-107" }, { "db": "NVD", "id": "CVE-2011-0164" } ] }, "id": "VAR-201103-0265", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-48109" } ], "trust": 0.01 }, "last_update_date": "2024-11-23T20:12:22.840000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "HT4554", "trust": 0.8, "url": "http://support.apple.com/kb/HT4554" }, { "title": "HT4808", "trust": 0.8, "url": "http://support.apple.com/kb/HT4808" }, { "title": "HT4554", "trust": 0.8, "url": "http://support.apple.com/kb/HT4554?viewlocale=ja_JP" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-001347" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-48109" }, { "db": "JVNDB", "id": "JVNDB-2011-001347" }, { "db": "NVD", "id": "CVE-2011-0164" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "http://lists.apple.com/archives/security-announce/2011/mar/msg00000.html" }, { "trust": 1.7, "url": "http://support.apple.com/kb/ht4554" }, { "trust": 1.1, "url": "http://lists.apple.com/archives/security-announce/2011//jul/msg00002.html" }, { "trust": 1.1, "url": "http://lists.apple.com/archives/security-announce/2011//oct/msg00000.html" }, { "trust": 1.1, "url": "http://support.apple.com/kb/ht4808" }, { "trust": 1.1, "url": "http://support.apple.com/kb/ht4981" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a17482" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0164" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu781747/index.html" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu556020" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0164" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/17909" }, { "trust": 0.3, "url": "http://www.apple.com/itunes/" }, { "trust": 0.3, "url": "http://www.webkit.org/" }, { "trust": 0.3, "url": "/archive/1/520068" }, { "trust": 0.3, "url": "http://lists.apple.com/archives/security-announce/2011/jul/msg00002.html" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0235" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0240" }, { "trust": 0.2, "url": "http://support.apple.com/kb/ht1222" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0237" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0200" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0238" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0233" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0234" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0223" }, { "trust": 0.2, "url": "https://www.apple.com/support/security/pgp/" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0215" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0204" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0222" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0164" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0221" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0218" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0225" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0232" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1823" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1420" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0206" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0214" }, { "trust": 0.1, "url": "http://www.apple.com/support/downloads/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0201" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0219" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0202" }, { "trust": 0.1, "url": "http://www.apple.com/safari/download/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0217" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0216" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1383" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0195" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3829" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0259" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0253" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0254" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0983" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1117" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1109" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1115" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1121" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0255" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0981" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1114" }, { "trust": 0.1, "url": "http://www.apple.com/itunes/download/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-48109" }, { "db": "BID", "id": "46703" }, { "db": "JVNDB", "id": "JVNDB-2011-001347" }, { "db": "PACKETSTORM", "id": "103216" }, { "db": "PACKETSTORM", "id": "105708" }, { "db": "CNNVD", "id": "CNNVD-201103-107" }, { "db": "NVD", "id": "CVE-2011-0164" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-48109" }, { "db": "BID", "id": "46703" }, { "db": "JVNDB", "id": "JVNDB-2011-001347" }, { "db": "PACKETSTORM", "id": "103216" }, { "db": "PACKETSTORM", "id": "105708" }, { "db": "CNNVD", "id": "CNNVD-201103-107" }, { "db": "NVD", "id": "CVE-2011-0164" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-03-03T00:00:00", "db": "VULHUB", "id": "VHN-48109" }, { "date": "2011-03-02T00:00:00", "db": "BID", "id": "46703" }, { "date": "2011-04-04T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-001347" }, { "date": "2011-07-21T14:16:35", "db": "PACKETSTORM", "id": "103216" }, { "date": "2011-10-12T02:01:36", "db": "PACKETSTORM", "id": "105708" }, { "date": "2011-03-04T00:00:00", "db": "CNNVD", "id": "CNNVD-201103-107" }, { "date": "2011-03-03T20:00:02.487000", "db": "NVD", "id": "CVE-2011-0164" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-09-19T00:00:00", "db": "VULHUB", "id": "VHN-48109" }, { "date": "2011-10-11T19:00:00", "db": "BID", "id": "46703" }, { "date": "2011-07-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-001347" }, { "date": "2011-03-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201103-107" }, { "date": "2024-11-21T01:23:27.373000", "db": "NVD", "id": "CVE-2011-0164" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201103-107" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Windows Run on Apple iTunes of WebKit Vulnerable to arbitrary code execution", "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-001347" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201103-107" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.