var-201110-0173
Vulnerability from variot
CoreFoundation, as used in Apple iTunes before 10.5, does not properly perform string tokenization, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. Apple Mac OS X is prone to a memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. A vulnerability exists in CoreFoundation in Apple iTunes versions prior to 10.5. Description: Multiple memory corruption issues existed in WebKit. Apple has released updates to address these vulnerabilities.
I. Apple has released updates to address these vulnerabilities.
II.
III. This advisory describes any known issues related to the updates and the specific impacts for each vulnerability. Administrators are encouraged to note these issues and impacts and test for any potentially adverse effects before wide-scale deployment.
IV. Please send email to cert@cert.org with "TA11-286A Feedback VU#421739" in the subject.
For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.
Produced 2011 by US-CERT, a government organization. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006
OS X Lion v10.7.2 and Security Update 2011-006 is now available and addresses the following:
Apache Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Multiple vulnerabilities in Apache Description: Apache is updated to version 2.2.20 to address several vulnerabilities, the most serious of which may lead to a denial of service. Further information is available via the Apache web site at http://httpd.apache.org/ CVE-ID CVE-2011-0419 CVE-2011-3192
Application Firewall Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Executing a binary with a maliciously crafted name may lead to arbitrary code execution with elevated privileges Description: A format string vulnerability existed in Application Firewall's debug logging. CVE-ID CVE-2011-0185 : an anonymous reporter
ATS Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution Description: A signedness issue existed in ATS' handling of Type 1 fonts. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3437
ATS Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution Description: An out of bounds memory access issue existed in ATS' handling of Type 1 fonts. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0229 : Will Dormann of the CERT/CC
ATS Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Applications which use the ATSFontDeactivate API may be vulnerable to an unexpected application termination or arbitrary code execution Description: A buffer overflow issue existed in the ATSFontDeactivate API. CVE-ID CVE-2011-0230 : Steven Michaud of Mozilla
BIND Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Multiple vulnerabilities in BIND 9.7.3 Description: Multiple denial of service issues existed in BIND 9.7.3. These issues are addressed by updating BIND to version 9.7.3-P3. CVE-ID CVE-2011-1910 CVE-2011-2464
BIND Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in BIND Description: Multiple denial of service issues existed in BIND. These issues are addressed by updating BIND to version 9.6-ESV-R4-P3. Impact: Root certificates have been updated Description: Several trusted certificates were added to the list of system roots. Several existing certificates were updated to their most recent version. The complete list of recognized system roots may be viewed via the Keychain Access application.
CFNetwork Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Safari may store cookies it is not configured to accept Description: A synchronization issue existed in CFNetwork's handling of cookie policies. Safari's cookie preferences may not be honored, allowing websites to set cookies that would be blocked were the preference enforced. This update addresses the issue through improved handling of cookie storage. CVE-ID CVE-2011-0231 : Martin Tessarek, Steve Riggins of Geeks R Us, Justin C. Walker, and Stephen Creswell
CFNetwork Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Visiting a maliciously crafted website may lead to the disclosure of sensitive information Description: An issue existed in CFNetwork's handling of HTTP cookies. When accessing a maliciously crafted HTTP or HTTPS URL, CFNetwork could incorrectly send the cookies for a domain to a server outside that domain. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3246 : Erling Ellingsen of Facebook
CoreFoundation Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted website or e-mail message may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in CoreFoundation's handling of string tokenization. This issue does not affect OS X Lion systems. This update addresses the issue through improved bounds checking. CVE-ID CVE-2011-0259 : Apple
CoreMedia Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Visiting a maliciously crafted website may lead to the disclosure of video data from another site Description: A cross-origin issue existed in CoreMedia's handling of cross-site redirects. This issue is addressed through improved origin tracking. CVE-ID CVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR)
CoreMedia Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the handling of QuickTime movie files. These issues do not affect OS X Lion systems. CVE-ID CVE-2011-0224 : Apple
CoreProcesses Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: A person with physical access to a system may partially bypass the screen lock Description: A system window, such as a VPN password prompt, that appeared while the screen was locked may have accepted keystrokes while the screen was locked. This issue is addressed by preventing system windows from requesting keystrokes while the screen is locked. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-0260 : Clint Tseng of the University of Washington, Michael Kobb, and Adam Kemp
CoreStorage Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Converting to FileVault does not erase all existing data Description: After enabling FileVault, approximately 250MB at the start of the volume was left unencrypted on the disk in an unused area. Only data which was present on the volume before FileVault was enabled was left unencrypted. This issue is addressed by erasing this area when enabling FileVault, and on the first use of an encrypted volume affected by this issue. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3212 : Judson Powers of ATC-NY
File Systems Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: An attacker in a privileged network position may manipulate HTTPS server certificates, leading to the disclosure of sensitive information Description: An issue existed in the handling of WebDAV volumes on HTTPS servers. If the server presented a certificate chain that could not be automatically verified, a warning was displayed and the connection was closed. If the user clicked the "Continue" button in the warning dialog, any certificate was accepted on the following connection to that server. An attacker in a privileged network position may have manipulated the connection to obtain sensitive information or take action on the server on the user's behalf. This update addresses the issue by validating that the certificate received on the second connection is the same certificate originally presented to the user. CVE-ID CVE-2011-3213 : Apple
IOGraphics Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: A person with physical access may be able to bypass the screen lock Description: An issue existed with the screen lock when used with Apple Cinema Displays. When a password is required to wake from sleep, a person with physical access may be able to access the system without entering a password if the system is in display sleep mode. This update addresses the issue by ensuring that the lock screen is correctly activated in display sleep mode. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-3214 : Apple
iChat Server Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: A remote attacker may cause the Jabber server to consume system resources disproportionately Description: An issue existed in the handling of XML external entities in jabberd2, a server for the Extensible Messaging and Presence Protocol (XMPP). jabberd2 expands external entities in incoming requests. This allows an attacker to consume system resources very quickly, denying service to legitimate users of the server. This update addresses the issue by disabling entity expansion in incoming requests. CVE-ID CVE-2011-1755
Kernel Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: A person with physical access may be able to access the user's password Description: A logic error in the kernel's DMA protection permitted firewire DMA at loginwindow, boot, and shutdown, although not at screen lock. This update addresses the issue by preventing firewire DMA at all states where the user is not logged in. CVE-ID CVE-2011-3215 : Passware, Inc.
Kernel Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: An unprivileged user may be able to delete another user's files in a shared directory Description: A logic error existed in the kernel's handling of file deletions in directories with the sticky bit. CVE-ID CVE-2011-3216 : Gordon Davisson of Crywolf, Linc Davis, R. Dormer, and Allan Schmid and Oliver Jeckel of brainworks Training
libsecurity Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted website or e-mail message may lead to an unexpected application termination or arbitrary code execution Description: An error handling issue existed when parsing a nonstandard certificate revocation list extension. CVE-ID CVE-2011-3227 : Richard Godbee of Virginia Tech
Mailman Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in Mailman 2.1.14 Description: Multiple cross-site scripting issues existed in Mailman 2.1.14. These issues are addressed by improved encoding of characters in HTML output. Further information is available via the Mailman site at http://mail.python.org/pipermail/mailman- announce/2011-February/000158.html This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0707
MediaKit Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Opening a maliciously crafted disk image may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the handling of disk images. These issues do not affect OS X Lion systems. CVE-ID CVE-2011-3217 : Apple
Open Directory Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Any user may read another local user's password data Description: An access control issue existed in Open Directory. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3435 : Arek Dreyer of Dreyer Network Consultants, Inc, and Patrick Dunstan at defenseindepth.net
Open Directory Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: An authenticated user may change that account's password without providing the current password Description: An access control issue existed in Open Directory. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3436 : Patrick Dunstan at defenceindepth.net
Open Directory Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: A user may be able to log in without a password Description: When Open Directory is bound to an LDAPv3 server using RFC2307 or custom mappings, such that there is no AuthenticationAuthority attribute for a user, an LDAP user may be allowed to log in without a password. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3226 : Jeffry Strunk of The University of Texas at Austin, Steven Eppler of Colorado Mesa University, Hugh Cole-Baker, and Frederic Metoz of Institut de Biologie Structurale
PHP Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A signedness issue existed in FreeType's handling of Type 1 fonts. This issue is addressed by updating FreeType to version 2.4.6. This issue does not affect systems prior to OS X Lion. Further information is available via the FreeType site at http://www.freetype.org/ CVE-ID CVE-2011-0226
PHP Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Multiple vulnerabilities in libpng 1.4.3 Description: libpng is updated to version 1.5.4 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html CVE-ID CVE-2011-2690 CVE-2011-2691 CVE-2011-2692
PHP Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in PHP 5.3.4 Description: PHP is updated to version 5.3.6 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. This issues do not affect OS X Lion systems. Further information is available via the PHP website at http://www.php.net/ CVE-ID CVE-2010-3436 CVE-2010-4645 CVE-2011-0420 CVE-2011-0421 CVE-2011-0708 CVE-2011-1092 CVE-2011-1153 CVE-2011-1466 CVE-2011-1467 CVE-2011-1468 CVE-2011-1469 CVE-2011-1470 CVE-2011-1471
postfix Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: An attacker in a privileged network position may manipulate mail sessions, resulting in the disclosure of sensitive information Description: A logic issue existed in Postfix in the handling of the STARTTLS command. After receiving a STARTTLS command, Postfix may process other plain-text commands. An attacker in a privileged network position may manipulate the mail session to obtain sensitive information from the encrypted traffic. This update addresses the issue by clearing the command queue after processing a STARTTLS command. This issue does not affect OS X Lion systems. Further information is available via the Postfix site at http://www.postfix.org/announcements/postfix-2.7.3.html CVE-ID CVE-2011-0411
python Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Multiple vulnerabilities in python Description: Multiple vulnerabilities existed in python, the most serious of which may lead to arbitrary code execution. This update addresses the issues by applying patches from the python project. Further information is available via the python site at http://www.python.org/download/releases/ CVE-ID CVE-2010-1634 CVE-2010-2089 CVE-2011-1521
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in QuickTime's handling of movie files. CVE-ID CVE-2011-3228 : Apple
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of STSC atoms in QuickTime movie files. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0249 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of STSS atoms in QuickTime movie files. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0250 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of STSZ atoms in QuickTime movie files. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0251 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of STTS atoms in QuickTime movie files. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-0252 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: An attacker in a privileged network position may inject script in the local domain when viewing template HTML Description: A cross-site scripting issue existed in QuickTime Player's "Save for Web" export. The template HTML files generated by this feature referenced a script file from a non-encrypted origin. An attacker in a privileged network position may be able to inject malicious scripts in the local domain if the user views a template file locally. This issue is resolved by removing the reference to an online script. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-3218 : Aaron Sigel of vtty.com
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in QuickTime's handling of H.264 encoded movie files. CVE-ID CVE-2011-3219 : Damian Put working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted movie file may lead to the disclosure of memory contents Description: An uninitialized memory access issue existed in QuickTime's handling of URL data handlers within movie files. CVE-ID CVE-2011-3220 : Luigi Auriemma working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An implementation issue existed in QuickTime's handling of the atom hierarchy within a movie file. CVE-ID CVE-2011-3221 : an anonymous researcher working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted FlashPix file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in QuickTime's handling of FlashPix files. CVE-ID CVE-2011-3222 : Damian Put working with TippingPoint's Zero Day Initiative
QuickTime Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in QuickTime's handling of FLIC files. CVE-ID CVE-2011-3223 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero Day Initiative
SMB File Server Available for: OS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1 Impact: A guest user may browse shared folders Description: An access control issue existed in the SMB File Server. Disallowing guest access to the share point record for a folder prevented the '_unknown' user from browsing the share point but not guests (user 'nobody'). This issue is addressed by applying the access control to the guest user. This issue does not affect systems prior to OS X Lion. CVE-ID CVE-2011-3225
Tomcat Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: Multiple vulnerabilities in Tomcat 6.0.24 Description: Tomcat is updated to version 6.0.32 to address multiple vulnerabilities, the most serious of which may lead to a cross site scripting attack. This issue does not affect OS X Lion systems. Further information is available via the Tomcat site at http://tomcat.apache.org/ CVE-ID CVE-2010-1157 CVE-2010-2227 CVE-2010-3718 CVE-2010-4172 CVE-2011-0013 CVE-2011-0534
User Documentation Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8 Impact: An attacker in a privileged network position may manipulate App Store help content, leading to arbitrary code execution Description: App Store help content was updated over HTTP. This update addresses the issue by updating App Store help content over HTTPS. This issue does not affect OS X Lion systems. CVE-ID CVE-2011-3224 : Aaron Sigel of vtty.com
Web Server Available for: Mac OS X Server v10.6.8 Impact: Clients may be unable to access web services that require digest authentication Description: An issue in the handling of HTTP Digest authentication was addressed. Users may be denied access to the server's resources, when the server configuration should have allowed the access. This issue does not represent a security risk, and was addressed to facilitate the use of stronger authentication mechanisms. Systems running OS X Lion Server are not affected by this issue. These issues are addressed by updating libpng to version 1.5.4 on OS Lion systems, and to 1.2.46 on Mac OS X v10.6 systems. Further information is available via the libpng website at http://www.libpng.org/pub/png/libpng.html CVE-ID CVE-2011-2690 CVE-2011-2691 CVE-2011-2692
OS X Lion v10.7.2 also includes Safari 5.1.1. For information on the security content of Safari 5.1.1, please visit: http://support.apple.com/kb/HT5000
OS X Lion v10.7.2 and Security Update 2011-006 may be obtained from the Software Update pane in System Preferences, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
The Software Update utility will present the update that applies to your system configuration.
For OS X Lion v10.7.1 The download file is named: MacOSXUpd10.7.2.dmg Its SHA-1 digest is: 37f784e08d4461e83a891a7f8b8af24c2ceb8229
For OS X Lion v10.7 The download file is named: MacOSXUpdCombo10.7.2.dmg Its SHA-1 digest is: accd06d610af57df24f62ce7af261395944620eb
For OS X Lion Server v10.7.1 The download file is named: MacOSXServerUpd10.7.2.dmg Its SHA-1 digest is: e4084bf1dfa295a42f619224d149e515317955da
For OS X Lion Server v10.7 The download file is named: MacOSXServerUpdCombo10.7.2.dmg Its SHA-1 digest is: 25e86f5cf97b6644c7a025230431b1992962ec4a
For Mac OS X v10.6.8 The download file is named: SecUpd2011-006Snow.dmg Its SHA-1 digest is: 0f9c29610a06370d0c85a4c92dc278a48ba17a84
For Mac OS X Server v10.6.8 The download file is named: SecUpdSrvr2011-006.dmg Its SHA-1 digest is: 12de3732710bb03059f93527189d221c97ef8a06
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iQEcBAEBAgAGBQJOlc/zAAoJEGnF2JsdZQeeWFcH/RDHS+dCP8T4a92uYRIbs9T3 TFbT7hnOoTB0H+2eN3oziLNime2N4mO921heHobiAKSXv/luU41ZPHxVd6rE77Md /BHDqLv65RA0XFTIPmrTcfpLhI5UgXDLfOLrsmdwTm52l5zQZkoxufYFf3mB3h7U ZJUD1s081Pjy45/Cbao097+JrDwS7ahhgkvTmpmSvJK/wWRz4JtZkvIYcQ2uQFR4 sTg4l6pmi3d8sJJ4wzrEaxDpclRjvjURI4DiBMYwGAXeCMRgYi0y03tYtkjXoaSG 69h2yD8EXQBuJkDyouak7/M/eMwUfb2S6o1HyXTldjdvFBFvvwvl+Y3xp8YmDzU= =gsvn -----END PGP SIGNATURE----- . ----------------------------------------------------------------------
Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool.
Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/
TITLE: Apple iTunes Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA46339
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46339/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46339
RELEASE DATE: 2011-10-13
DISCUSS ADVISORY: http://secunia.com/advisories/46339/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/46339/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46339
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Apple has reported multiple vulnerabilities in Apple iTunes, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, and compromise a user's system.
For more information: SA44375 (#8) SA45097 (#2) SA45325 SA45498 SA45698 (#2) SA46049 (#11) SA46171 (#6)
1) An error in the CoreFoundation component when handling string tokenization can be exploited to corrupt memory via a MitM (Man-in-the-Middle) attack.
2) An error in the CoreAudio component when handling Advanced Audio Coding (AAC) streams can be exploited to cause a buffer overflow.
3) An error in the CoreMedia component when handling H.264 encoded movie files can be exploited to cause a buffer overflow.
Successful exploitation of vulnerabilities #1 through #5 may allow execution of arbitrary code.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor.
The vendor also credits: 2) Luigi Auriemma via ZDI. 3) Damian Put via ZDI.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. CVE-ID CVE-2011-3254 : Rick Deacon
CFNetwork Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: User's AppleID password may be logged to a local file Description: A user's AppleID password and username were logged to a file that was readable by applications on the system. This is resolved by no longer logging these credentials. CVE-ID CVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR)
Data Access Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An exchange mail cookie management issue could incorrectly cause data synchronization across different accounts Description: When multiple mail exchange accounts are configured which connect to the same server, a session could potentially receive a valid cookie corresponding to a different account. This issue is addressed by ensuring that cookies are separated across different accounts. CVE-ID CVE-2011-3257 : Bob Sielken of IBM
Data Security Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information Description: Fraudulent certificates were issued by multiple certificate authorities operated by DigiNotar.
Data Security Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Support for X.509 certificates with MD5 hashes may expose users to spoofing and information disclosure as attacks improve Description: Certificates signed using the MD5 hash algorithm were accepted by iOS. This algorithm has known cryptographic weaknesses. Further research or a misconfigured certificate authority could have allowed the creation of X.509 certificates with attacker controlled values that would have been trusted by the system. This would have exposed X.509 based protocols to spoofing, man in the middle attacks, and information disclosure. CVE-ID CVE-2011-3427
Data Security Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An attacker could decrypt part of a SSL connection Description: Only the SSLv3 and TLS 1.0 versions of SSL were supported. These versions are subject to a protocol weakness when using block ciphers. A man-in-the-middle attacker could have injected invalid data, causing the connection to close but revealing some information about the previous data. If the same connection was attempted repeatedly the attacker may eventually have been able to decrypt the data being sent, such as a password. CVE-ID CVE-2011-3389
Home screen Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Switching between applications may lead to the disclosure of sensitive application information Description: When switching between applications with the four- finger app switching gesture, the display could have revealed the previous application state. This issue is addressed by ensuring that the system properly calls the applicationWillResignActive: method when transitioning between applications. CVE-ID CVE-2011-3431 : Abe White of Hedonic Software Inc. CVE-ID CVE-2011-0206 : David Bienvenu of Mozilla
Kernel Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A remote attacker may cause a device reset Description: The kernel failed to promptly reclaim memory from incomplete TCP connections. CVE-ID CVE-2011-3259 : Wouter van der Veer of Topicus I&I, and Josh Enders
Kernel Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A local user may be able to cause a system reset Description: A null dereference issue existed in the handling of IPV6 socket options. CVE-ID CVE-2011-1132 : Thomas Clement of Intego
Keyboards Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A user may be able to determine information about the last character of a password Description: The keyboard used to type the last character of a password was briefly displayed the next time the keyboard was used. CVE-ID CVE-2011-0184 : Tobias Klein working with iDefense VCP
Safari Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Opening maliciously crafted files on certain websites may lead to a cross-site scripting attack Description: iOS did not support the 'attachment' value for the HTTP Content-Disposition header. This header is used by many websites to serve files that were uploaded to the site by a third-party, such as attachments in web-based e-mail applications. CVE-ID CVE-2011-3426 : Christian Matthies working with iDefense VCP, Yoshinori Oota from Business Architects Inc working with JP/CERT
Settings Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: An attacker with physical access to a device may be able to recover the restrictions passcode Description: The parental restrictions functionality enforces UI restrictions. Configuring parental restrictions is protected by a passcode, which was previously stored in plaintext on disk. This issue is addressed by securely storing the parental restrictions passcode in the system keychain. CVE-ID CVE-2011-3429 : an anonymous reporter
Settings Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Misleading UI Description: Configurations and settings applied via configuration profiles did not appear to function properly under any non-English language. Settings could be improperly displayed as a result. CVE-ID CVE-2011-3430 : Florian Kreitmaier of Siemens CERT
UIKit Alerts Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a malicious website may cause an unexpected device hang Description: An excessive maximum text layout length permitted malicious websites to cause iOS to hang when drawing acceptance dialogs for very long tel: URIs. CVE-ID CVE-2011-0218 : SkyLined of Google Chrome Security Team CVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS Research Team, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0232 : J23 working with TippingPoint's Zero Day Initiative CVE-2011-0233 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-0234 : Rob King working with TippingPoint's Zero Day Initiative, wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-0238 : Adam Barth of Google Chrome Security Team CVE-2011-0254 : An anonymous researcher working with TippingPoint's Zero Day Initiative CVE-2011-0255 : An anonymous reporter working with TippingPoint's Zero Day Initiative CVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc CVE-2011-0983 : Martin Barbella CVE-2011-1109 : Sergey Glazunov CVE-2011-1114 : Martin Barbella CVE-2011-1115 : Martin Barbella CVE-2011-1117 : wushi of team509 CVE-2011-1121 : miaubiz CVE-2011-1188 : Martin Barbella CVE-2011-1203 : Sergey Glazunov CVE-2011-1204 : Sergey Glazunov CVE-2011-1288 : Andreas Kling of Nokia CVE-2011-1293 : Sergey Glazunov CVE-2011-1296 : Sergey Glazunov CVE-2011-1449 : Marek Majkowski CVE-2011-1451 : Sergey Glazunov CVE-2011-1453 : wushi of team509 working with TippingPoint's Zero Day Initiative CVE-2011-1457 : John Knottenbelt of Google CVE-2011-1462 : wushi of team509 CVE-2011-1797 : wushi of team509 CVE-2011-2338 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2339 : Cris Neckar of the Google Chrome Security Team CVE-2011-2341 : Apple CVE-2011-2351 : miaubiz CVE-2011-2352 : Apple CVE-2011-2354 : Apple CVE-2011-2356 : Adam Barth and Abhishek Arya of Google Chrome Security Team using AddressSanitizer CVE-2011-2359 : miaubiz CVE-2011-2788 : Mikolaj Malecki of Samsung CVE-2011-2790 : miaubiz CVE-2011-2792 : miaubiz CVE-2011-2797 : miaubiz CVE-2011-2799 : miaubiz CVE-2011-2809 : Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-2813 : Cris Neckar of Google Chrome Security Team using AddressSanitizer CVE-2011-2814 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2816 : Apple CVE-2011-2817 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-2818 : Martin Barbella CVE-2011-2820 : Raman Tenneti and Philip Rogers of Google CVE-2011-2823 : SkyLined of Google Chrome Security Team CVE-2011-2827 : miaubiz CVE-2011-2831 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-3232 : Aki Helin of OUSPG CVE-2011-3234 : miaubiz CVE-2011-3235 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the Chromium development community, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-3236 : Abhishek Arya (Inferno) of Google Chrome Security Team using AddressSanitizer CVE-2011-3237 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the Chromium development community, and Abhishek Arya (Inferno) of Google Chrome Security Team CVE-2011-3244 : vkouchna
WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-origin issue existed in the handling of URLs with an embedded username. CVE-ID CVE-2011-1295 : Sergey Glazunov
WebKit Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: A maliciously crafted website may be able to cause a different URL to be shown in the address bar Description: A URL spoofing issue existed in the handling of the DOM history object. Visiting a maliciously crafted website may lead to arbitrary files being created with the privileges of the user, which may lead to arbitrary code execution. CVE-ID CVE-2011-0166 : Michal Zalewski of Google Inc. CVE-ID CVE-2011-2800 : Juho Nurminen
WiFi Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later, iOS 3.2 through 4.3.5 for iPad Impact: WiFi credentials may be logged to a local file Description: WiFi credentials including the passphrase and encryption keys were logged to a file that was readable by applications on the system. This is resolved by no longer logging these credentials. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/
iTunes will automatically check Apple's update server on its weekly schedule. When an update is detected, it will download it. When the iPhone, iPod touch or iPad is docked, iTunes will present the user with the option to install the update. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iPhone, iPod touch, or iPad.
The automatic update process may take up to a week depending on the day that iTunes checks for updates. You may manually obtain the update via the Check for Updates button within iTunes. After doing this, the update can be applied when your iPhone, iPod touch, or iPad is docked to your computer.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "5 (9A334)"
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201110-0173",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "4.6.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "4.7.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "4.8.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "4.6"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "4.5.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "4.9.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.0.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "4.7.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "9.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "8.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "8.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "10.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.4"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "8.0.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "8.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.3"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.5"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.3.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.4.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.7"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.7.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.4.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.2.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.4.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.5"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.6"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.7"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "8.2.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.7.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.4.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.1.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.1.0"
},
{
"model": "itunes",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.5"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "8.0.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "9.0.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.6.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.5.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "8.1.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.3.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.3.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.4.3"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.7.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.1.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.4"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.1.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "9.0.3"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.2.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "3.0 to 4.3.5 (iphone 3gs and iphone 4)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "3.1 to 4.3.5 (ipod touch (3rd generation) after )"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "3.2 to 4.3.5 (ipad for )"
},
{
"model": "itunes",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0.1.8"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "9.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0.2.20"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "8.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10"
},
{
"model": "ipod touch",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "iphone",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ipad",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.9"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.8"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.7"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.6"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2.10"
},
{
"model": "ios beta",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "itunes",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "10.5"
},
{
"model": "ios",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "5"
}
],
"sources": [
{
"db": "BID",
"id": "50067"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002452"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-216"
},
{
"db": "NVD",
"id": "CVE-2011-0259"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:itunes",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002452"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple",
"sources": [
{
"db": "BID",
"id": "50067"
},
{
"db": "PACKETSTORM",
"id": "105708"
},
{
"db": "PACKETSTORM",
"id": "105738"
},
{
"db": "PACKETSTORM",
"id": "105736"
}
],
"trust": 0.6
},
"cve": "CVE-2011-0259",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CVE-2011-0259",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "VHN-48204",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-0259",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-0259",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201110-216",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-48204",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48204"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002452"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-216"
},
{
"db": "NVD",
"id": "CVE-2011-0259"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CoreFoundation, as used in Apple iTunes before 10.5, does not properly perform string tokenization, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. Apple Mac OS X is prone to a memory-corruption vulnerability. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. A vulnerability exists in CoreFoundation in Apple iTunes versions prior to 10.5. \nDescription: Multiple memory corruption issues existed in WebKit. Apple has\n released updates to address these vulnerabilities. \n\n\nI. Apple has released updates to address these\n vulnerabilities. \n\n\nII. \n\n\nIII. This advisory describes any known issues related to the\n updates and the specific impacts for each vulnerability. \n Administrators are encouraged to note these issues and impacts and\n test for any potentially adverse effects before wide-scale\n deployment. \n\n\nIV. Please send\n email to \u003ccert@cert.org\u003e with \"TA11-286A Feedback VU#421739\" in\n the subject. \n ____________________________________________________________________\n\n For instructions on subscribing to or unsubscribing from this\n mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n ____________________________________________________________________\n\n Produced 2011 by US-CERT, a government organization. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006\n\nOS X Lion v10.7.2 and Security Update 2011-006 is now available and\naddresses the following:\n\nApache\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Multiple vulnerabilities in Apache\nDescription: Apache is updated to version 2.2.20 to address several\nvulnerabilities, the most serious of which may lead to a denial of\nservice. Further\ninformation is available via the Apache web site at\nhttp://httpd.apache.org/\nCVE-ID\nCVE-2011-0419\nCVE-2011-3192\n\nApplication Firewall\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Executing a binary with a maliciously crafted name may lead\nto arbitrary code execution with elevated privileges\nDescription: A format string vulnerability existed in Application\nFirewall\u0027s debug logging. \nCVE-ID\nCVE-2011-0185 : an anonymous reporter\n\nATS\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Viewing or downloading a document containing a maliciously\ncrafted embedded font may lead to arbitrary code execution\nDescription: A signedness issue existed in ATS\u0027 handling of Type 1\nfonts. This issue does not affect systems prior to OS X Lion. \nCVE-ID\nCVE-2011-3437\n\nATS\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Viewing or downloading a document containing a maliciously\ncrafted embedded font may lead to arbitrary code execution\nDescription: An out of bounds memory access issue existed in ATS\u0027\nhandling of Type 1 fonts. This issue does not affect OS X Lion\nsystems. \nCVE-ID\nCVE-2011-0229 : Will Dormann of the CERT/CC\n\nATS\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Applications which use the ATSFontDeactivate API may be\nvulnerable to an unexpected application termination or arbitrary code\nexecution\nDescription: A buffer overflow issue existed in the\nATSFontDeactivate API. \nCVE-ID\nCVE-2011-0230 : Steven Michaud of Mozilla\n\nBIND\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Multiple vulnerabilities in BIND 9.7.3\nDescription: Multiple denial of service issues existed in BIND\n9.7.3. These issues are addressed by updating BIND to version\n9.7.3-P3. \nCVE-ID\nCVE-2011-1910\nCVE-2011-2464\n\nBIND\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Multiple vulnerabilities in BIND\nDescription: Multiple denial of service issues existed in BIND. \nThese issues are addressed by updating BIND to version 9.6-ESV-R4-P3. \nImpact: Root certificates have been updated\nDescription: Several trusted certificates were added to the list of\nsystem roots. Several existing certificates were updated to their\nmost recent version. The complete list of recognized system roots may\nbe viewed via the Keychain Access application. \n\nCFNetwork\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Safari may store cookies it is not configured to accept\nDescription: A synchronization issue existed in CFNetwork\u0027s handling\nof cookie policies. Safari\u0027s cookie preferences may not be honored,\nallowing websites to set cookies that would be blocked were the\npreference enforced. This update addresses the issue through improved\nhandling of cookie storage. \nCVE-ID\nCVE-2011-0231 : Martin Tessarek, Steve Riggins of Geeks R Us, Justin\nC. Walker, and Stephen Creswell\n\nCFNetwork\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of sensitive information\nDescription: An issue existed in CFNetwork\u0027s handling of HTTP\ncookies. When accessing a maliciously crafted HTTP or HTTPS URL,\nCFNetwork could incorrectly send the cookies for a domain to a server\noutside that domain. This issue does not affect systems prior to OS X\nLion. \nCVE-ID\nCVE-2011-3246 : Erling Ellingsen of Facebook\n\nCoreFoundation\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Viewing a maliciously crafted website or e-mail message may\nlead to an unexpected application termination or arbitrary code\nexecution\nDescription: A memory corruption issue existed in CoreFoundation\u0027s\nhandling of string tokenization. This issue does not affect OS X Lion\nsystems. This update addresses the issue through improved bounds\nchecking. \nCVE-ID\nCVE-2011-0259 : Apple\n\nCoreMedia\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of video data from another site\nDescription: A cross-origin issue existed in CoreMedia\u0027s handling of\ncross-site redirects. This issue is addressed through improved origin\ntracking. \nCVE-ID\nCVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability\nResearch (MSVR)\n\nCoreMedia\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of QuickTime movie files. These issues do not affect OS X\nLion systems. \nCVE-ID\nCVE-2011-0224 : Apple\n\nCoreProcesses\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: A person with physical access to a system may partially\nbypass the screen lock\nDescription: A system window, such as a VPN password prompt, that\nappeared while the screen was locked may have accepted keystrokes\nwhile the screen was locked. This issue is addressed by preventing\nsystem windows from requesting keystrokes while the screen is locked. \nThis issue does not affect systems prior to OS X Lion. \nCVE-ID\nCVE-2011-0260 : Clint Tseng of the University of Washington, Michael\nKobb, and Adam Kemp\n\nCoreStorage\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Converting to FileVault does not erase all existing data\nDescription: After enabling FileVault, approximately 250MB at the\nstart of the volume was left unencrypted on the disk in an unused\narea. Only data which was present on the volume before FileVault was\nenabled was left unencrypted. This issue is addressed by erasing this\narea when enabling FileVault, and on the first use of an encrypted\nvolume affected by this issue. This issue does not affect systems\nprior to OS X Lion. \nCVE-ID\nCVE-2011-3212 : Judson Powers of ATC-NY\n\nFile Systems\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: An attacker in a privileged network position may manipulate\nHTTPS server certificates, leading to the disclosure of sensitive\ninformation\nDescription: An issue existed in the handling of WebDAV volumes on\nHTTPS servers. If the server presented a certificate chain that could\nnot be automatically verified, a warning was displayed and the\nconnection was closed. If the user clicked the \"Continue\" button in\nthe warning dialog, any certificate was accepted on the following\nconnection to that server. An attacker in a privileged network\nposition may have manipulated the connection to obtain sensitive\ninformation or take action on the server on the user\u0027s behalf. This\nupdate addresses the issue by validating that the certificate\nreceived on the second connection is the same certificate originally\npresented to the user. \nCVE-ID\nCVE-2011-3213 : Apple\n\nIOGraphics\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: A person with physical access may be able to bypass the\nscreen lock\nDescription: An issue existed with the screen lock when used with\nApple Cinema Displays. When a password is required to wake from\nsleep, a person with physical access may be able to access the system\nwithout entering a password if the system is in display sleep mode. \nThis update addresses the issue by ensuring that the lock screen is\ncorrectly activated in display sleep mode. This issue does not affect\nOS X Lion systems. \nCVE-ID\nCVE-2011-3214 : Apple\n\niChat Server\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: A remote attacker may cause the Jabber server to consume\nsystem resources disproportionately\nDescription: An issue existed in the handling of XML external\nentities in jabberd2, a server for the Extensible Messaging and\nPresence Protocol (XMPP). jabberd2 expands external entities in\nincoming requests. This allows an attacker to consume system\nresources very quickly, denying service to legitimate users of the\nserver. This update addresses the issue by disabling entity expansion\nin incoming requests. \nCVE-ID\nCVE-2011-1755\n\nKernel\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: A person with physical access may be able to access the\nuser\u0027s password\nDescription: A logic error in the kernel\u0027s DMA protection permitted\nfirewire DMA at loginwindow, boot, and shutdown, although not at\nscreen lock. This update addresses the issue by preventing firewire\nDMA at all states where the user is not logged in. \nCVE-ID\nCVE-2011-3215 : Passware, Inc. \n\nKernel\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: An unprivileged user may be able to delete another user\u0027s\nfiles in a shared directory\nDescription: A logic error existed in the kernel\u0027s handling of file\ndeletions in directories with the sticky bit. \nCVE-ID\nCVE-2011-3216 : Gordon Davisson of Crywolf, Linc Davis, R. Dormer,\nand Allan Schmid and Oliver Jeckel of brainworks Training\n\nlibsecurity\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted website or e-mail message may\nlead to an unexpected application termination or arbitrary code\nexecution\nDescription: An error handling issue existed when parsing a\nnonstandard certificate revocation list extension. \nCVE-ID\nCVE-2011-3227 : Richard Godbee of Virginia Tech\n\nMailman\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Multiple vulnerabilities in Mailman 2.1.14\nDescription: Multiple cross-site scripting issues existed in Mailman\n2.1.14. These issues are addressed by improved encoding of characters\nin HTML output. Further information is available via the Mailman site\nat http://mail.python.org/pipermail/mailman-\nannounce/2011-February/000158.html This issue does not affect OS X\nLion systems. \nCVE-ID\nCVE-2011-0707\n\nMediaKit\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Opening a maliciously crafted disk image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nhandling of disk images. These issues do not affect OS X Lion\nsystems. \nCVE-ID\nCVE-2011-3217 : Apple\n\nOpen Directory\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Any user may read another local user\u0027s password data\nDescription: An access control issue existed in Open Directory. This\nissue does not affect systems prior to OS X Lion. \nCVE-ID\nCVE-2011-3435 : Arek Dreyer of Dreyer Network Consultants, Inc, and\nPatrick Dunstan at defenseindepth.net\n\nOpen Directory\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: An authenticated user may change that account\u0027s password\nwithout providing the current password\nDescription: An access control issue existed in Open Directory. This\nissue does not affect systems prior to OS X Lion. \nCVE-ID\nCVE-2011-3436 : Patrick Dunstan at defenceindepth.net\n\nOpen Directory\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: A user may be able to log in without a password\nDescription: When Open Directory is bound to an LDAPv3 server using\nRFC2307 or custom mappings, such that there is no\nAuthenticationAuthority attribute for a user, an LDAP user may be\nallowed to log in without a password. This issue does not affect\nsystems prior to OS X Lion. \nCVE-ID\nCVE-2011-3226 : Jeffry Strunk of The University of Texas at Austin,\nSteven Eppler of Colorado Mesa University, Hugh Cole-Baker, and\nFrederic Metoz of Institut de Biologie Structurale\n\nPHP\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted PDF file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A signedness issue existed in FreeType\u0027s handling of\nType 1 fonts. This issue is addressed by updating FreeType to version\n2.4.6. This issue does not affect systems prior to OS X Lion. Further\ninformation is available via the FreeType site at\nhttp://www.freetype.org/\nCVE-ID\nCVE-2011-0226\n\nPHP\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Multiple vulnerabilities in libpng 1.4.3\nDescription: libpng is updated to version 1.5.4 to address multiple\nvulnerabilities, the most serious of which may lead to arbitrary code\nexecution. Further information is available via the libpng website at\nhttp://www.libpng.org/pub/png/libpng.html\nCVE-ID\nCVE-2011-2690\nCVE-2011-2691\nCVE-2011-2692\n\nPHP\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Multiple vulnerabilities in PHP 5.3.4\nDescription: PHP is updated to version 5.3.6 to address multiple\nvulnerabilities, the most serious of which may lead to arbitrary code\nexecution. This issues do not affect OS X Lion systems. Further\ninformation is available via the PHP website at http://www.php.net/\nCVE-ID\nCVE-2010-3436\nCVE-2010-4645\nCVE-2011-0420\nCVE-2011-0421\nCVE-2011-0708\nCVE-2011-1092\nCVE-2011-1153\nCVE-2011-1466\nCVE-2011-1467\nCVE-2011-1468\nCVE-2011-1469\nCVE-2011-1470\nCVE-2011-1471\n\npostfix\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: An attacker in a privileged network position may manipulate\nmail sessions, resulting in the disclosure of sensitive information\nDescription: A logic issue existed in Postfix in the handling of the\nSTARTTLS command. After receiving a STARTTLS command, Postfix may\nprocess other plain-text commands. An attacker in a privileged\nnetwork position may manipulate the mail session to obtain sensitive\ninformation from the encrypted traffic. This update addresses the\nissue by clearing the command queue after processing a STARTTLS\ncommand. This issue does not affect OS X Lion systems. Further\ninformation is available via the Postfix site at\nhttp://www.postfix.org/announcements/postfix-2.7.3.html\nCVE-ID\nCVE-2011-0411\n\npython\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Multiple vulnerabilities in python\nDescription: Multiple vulnerabilities existed in python, the most\nserious of which may lead to arbitrary code execution. This update\naddresses the issues by applying patches from the python project. \nFurther information is available via the python site at\nhttp://www.python.org/download/releases/\nCVE-ID\nCVE-2010-1634\nCVE-2010-2089\nCVE-2011-1521\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in\nQuickTime\u0027s handling of movie files. \nCVE-ID\nCVE-2011-3228 : Apple\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in the handling of STSC\natoms in QuickTime movie files. This issue does not affect OS X Lion\nsystems. \nCVE-ID\nCVE-2011-0249 : Matt \u0027j00ru\u0027 Jurczyk working with TippingPoint\u0027s Zero\nDay Initiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in the handling of STSS\natoms in QuickTime movie files. This issue does not affect OS X Lion\nsystems. \nCVE-ID\nCVE-2011-0250 : Matt \u0027j00ru\u0027 Jurczyk working with TippingPoint\u0027s Zero\nDay Initiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in the handling of STSZ\natoms in QuickTime movie files. This issue does not affect OS X Lion\nsystems. \nCVE-ID\nCVE-2011-0251 : Matt \u0027j00ru\u0027 Jurczyk working with TippingPoint\u0027s Zero\nDay Initiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in the handling of STTS\natoms in QuickTime movie files. This issue does not affect OS X Lion\nsystems. \nCVE-ID\nCVE-2011-0252 : Matt \u0027j00ru\u0027 Jurczyk working with TippingPoint\u0027s Zero\nDay Initiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: An attacker in a privileged network position may inject\nscript in the local domain when viewing template HTML\nDescription: A cross-site scripting issue existed in QuickTime\nPlayer\u0027s \"Save for Web\" export. The template HTML files generated by\nthis feature referenced a script file from a non-encrypted origin. An\nattacker in a privileged network position may be able to inject\nmalicious scripts in the local domain if the user views a template\nfile locally. This issue is resolved by removing the reference to an\nonline script. This issue does not affect OS X Lion systems. \nCVE-ID\nCVE-2011-3218 : Aaron Sigel of vtty.com\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in QuickTime\u0027s handling of\nH.264 encoded movie files. \nCVE-ID\nCVE-2011-3219 : Damian Put working with TippingPoint\u0027s Zero Day\nInitiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted movie file may lead to the\ndisclosure of memory contents\nDescription: An uninitialized memory access issue existed in\nQuickTime\u0027s handling of URL data handlers within movie files. \nCVE-ID\nCVE-2011-3220 : Luigi Auriemma working with TippingPoint\u0027s Zero Day\nInitiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An implementation issue existed in QuickTime\u0027s handling\nof the atom hierarchy within a movie file. \nCVE-ID\nCVE-2011-3221 : an anonymous researcher working with TippingPoint\u0027s\nZero Day Initiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted FlashPix file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in QuickTime\u0027s handling of\nFlashPix files. \nCVE-ID\nCVE-2011-3222 : Damian Put working with TippingPoint\u0027s Zero Day\nInitiative\n\nQuickTime\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 and v10.7.1, OS X Lion Server v10.7 and v10.7.1\nImpact: Viewing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in QuickTime\u0027s handling of\nFLIC files. \nCVE-ID\nCVE-2011-3223 : Matt \u0027j00ru\u0027 Jurczyk working with TippingPoint\u0027s Zero\nDay Initiative\n\nSMB File Server\nAvailable for: OS X Lion v10.7 and v10.7.1,\nOS X Lion Server v10.7 and v10.7.1\nImpact: A guest user may browse shared folders\nDescription: An access control issue existed in the SMB File Server. \nDisallowing guest access to the share point record for a folder\nprevented the \u0027_unknown\u0027 user from browsing the share point but not\nguests (user \u0027nobody\u0027). This issue is addressed by applying the\naccess control to the guest user. This issue does not affect systems\nprior to OS X Lion. \nCVE-ID\nCVE-2011-3225\n\nTomcat\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: Multiple vulnerabilities in Tomcat 6.0.24\nDescription: Tomcat is updated to version 6.0.32 to address multiple\nvulnerabilities, the most serious of which may lead to a cross site\nscripting attack. \nThis issue does not affect OS X Lion systems. Further information is\navailable via the Tomcat site at http://tomcat.apache.org/\nCVE-ID\nCVE-2010-1157\nCVE-2010-2227\nCVE-2010-3718\nCVE-2010-4172\nCVE-2011-0013\nCVE-2011-0534\n\nUser Documentation\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\nImpact: An attacker in a privileged network position may manipulate\nApp Store help content, leading to arbitrary code execution\nDescription: App Store help content was updated over HTTP. This\nupdate addresses the issue by updating App Store help content over\nHTTPS. This issue does not affect OS X Lion systems. \nCVE-ID\nCVE-2011-3224 : Aaron Sigel of vtty.com\n\nWeb Server\nAvailable for: Mac OS X Server v10.6.8\nImpact: Clients may be unable to access web services that require\ndigest authentication\nDescription: An issue in the handling of HTTP Digest authentication\nwas addressed. Users may be denied access to the server\u0027s resources,\nwhen the server configuration should have allowed the access. This\nissue does not represent a security risk, and was addressed to\nfacilitate the use of stronger authentication mechanisms. Systems\nrunning OS X Lion Server are not affected by this issue. These issues\nare addressed by updating libpng to version 1.5.4 on OS Lion systems,\nand to 1.2.46 on Mac OS X v10.6 systems. Further information is\navailable via the libpng website at\nhttp://www.libpng.org/pub/png/libpng.html\nCVE-ID\nCVE-2011-2690\nCVE-2011-2691\nCVE-2011-2692\n\nOS X Lion v10.7.2 also includes Safari 5.1.1. For information on\nthe security content of Safari 5.1.1, please visit:\nhttp://support.apple.com/kb/HT5000\n\nOS X Lion v10.7.2 and Security Update 2011-006 may be obtained from\nthe Software Update pane in System Preferences, or Apple\u0027s Software\nDownloads web site:\nhttp://www.apple.com/support/downloads/\n\nThe Software Update utility will present the update that applies\nto your system configuration. \n\nFor OS X Lion v10.7.1\nThe download file is named: MacOSXUpd10.7.2.dmg\nIts SHA-1 digest is: 37f784e08d4461e83a891a7f8b8af24c2ceb8229\n\nFor OS X Lion v10.7\nThe download file is named: MacOSXUpdCombo10.7.2.dmg\nIts SHA-1 digest is: accd06d610af57df24f62ce7af261395944620eb\n\nFor OS X Lion Server v10.7.1\nThe download file is named: MacOSXServerUpd10.7.2.dmg\nIts SHA-1 digest is: e4084bf1dfa295a42f619224d149e515317955da\n\nFor OS X Lion Server v10.7\nThe download file is named: MacOSXServerUpdCombo10.7.2.dmg\nIts SHA-1 digest is: 25e86f5cf97b6644c7a025230431b1992962ec4a\n\nFor Mac OS X v10.6.8\nThe download file is named: SecUpd2011-006Snow.dmg\nIts SHA-1 digest is: 0f9c29610a06370d0c85a4c92dc278a48ba17a84\n\nFor Mac OS X Server v10.6.8\nThe download file is named: SecUpdSrvr2011-006.dmg\nIts SHA-1 digest is: 12de3732710bb03059f93527189d221c97ef8a06\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.16 (Darwin)\n\niQEcBAEBAgAGBQJOlc/zAAoJEGnF2JsdZQeeWFcH/RDHS+dCP8T4a92uYRIbs9T3\nTFbT7hnOoTB0H+2eN3oziLNime2N4mO921heHobiAKSXv/luU41ZPHxVd6rE77Md\n/BHDqLv65RA0XFTIPmrTcfpLhI5UgXDLfOLrsmdwTm52l5zQZkoxufYFf3mB3h7U\nZJUD1s081Pjy45/Cbao097+JrDwS7ahhgkvTmpmSvJK/wWRz4JtZkvIYcQ2uQFR4\nsTg4l6pmi3d8sJJ4wzrEaxDpclRjvjURI4DiBMYwGAXeCMRgYi0y03tYtkjXoaSG\n69h2yD8EXQBuJkDyouak7/M/eMwUfb2S6o1HyXTldjdvFBFvvwvl+Y3xp8YmDzU=\n=gsvn\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\nOvum says ad hoc tools are out-dated. The best practice approach?\nFast vulnerability intelligence, threat handling, and setup in one tool. \n\nRead the new report on the Secunia VIM:\nhttp://secunia.com/products/corporate/vim/ovum_2011_request/ \n\n----------------------------------------------------------------------\n\nTITLE:\nApple iTunes Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA46339\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/46339/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46339\n\nRELEASE DATE:\n2011-10-13\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/46339/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/46339/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46339\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nApple has reported multiple vulnerabilities in Apple iTunes, which\ncan be exploited by malicious people to disclose sensitive\ninformation, manipulate certain data, conduct cross-site scripting\nand spoofing attacks, bypass certain security restrictions, and\ncompromise a user\u0027s system. \n\nFor more information:\nSA44375 (#8)\nSA45097 (#2)\nSA45325\nSA45498\nSA45698 (#2)\nSA46049 (#11)\nSA46171 (#6)\n\n1) An error in the CoreFoundation component when handling string\ntokenization can be exploited to corrupt memory via a MitM\n(Man-in-the-Middle) attack. \n\n2) An error in the CoreAudio component when handling Advanced Audio\nCoding (AAC) streams can be exploited to cause a buffer overflow. \n\n3) An error in the CoreMedia component when handling H.264 encoded\nmovie files can be exploited to cause a buffer overflow. \n\nSuccessful exploitation of vulnerabilities #1 through #5 may allow\nexecution of arbitrary code. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\n1) Reported by the vendor. \n\nThe vendor also credits:\n2) Luigi Auriemma via ZDI. \n3) Damian Put via ZDI. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \nCVE-ID\nCVE-2011-3254 : Rick Deacon\n\nCFNetwork\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: User\u0027s AppleID password may be logged to a local file\nDescription: A user\u0027s AppleID password and username were logged to a\nfile that was readable by applications on the system. This is\nresolved by no longer logging these credentials. \nCVE-ID\nCVE-2011-0187 : Nirankush Panchbhai and Microsoft Vulnerability\nResearch (MSVR)\n\nData Access\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: An exchange mail cookie management issue could incorrectly\ncause data synchronization across different accounts\nDescription: When multiple mail exchange accounts are configured\nwhich connect to the same server, a session could potentially receive\na valid cookie corresponding to a different account. This issue is\naddressed by ensuring that cookies are separated across different\naccounts. \nCVE-ID\nCVE-2011-3257 : Bob Sielken of IBM\n\nData Security\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: An attacker with a privileged network position may intercept\nuser credentials or other sensitive information\nDescription: Fraudulent certificates were issued by multiple\ncertificate authorities operated by DigiNotar. \n\nData Security\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: Support for X.509 certificates with MD5 hashes may expose\nusers to spoofing and information disclosure as attacks improve\nDescription: Certificates signed using the MD5 hash algorithm were\naccepted by iOS. This algorithm has known cryptographic weaknesses. \nFurther research or a misconfigured certificate authority could have\nallowed the creation of X.509 certificates with attacker controlled\nvalues that would have been trusted by the system. This would have\nexposed X.509 based protocols to spoofing, man in the middle attacks,\nand information disclosure. \nCVE-ID\nCVE-2011-3427\n\nData Security\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: An attacker could decrypt part of a SSL connection\nDescription: Only the SSLv3 and TLS 1.0 versions of SSL were\nsupported. These versions are subject to a protocol weakness when\nusing block ciphers. A man-in-the-middle attacker could have injected\ninvalid data, causing the connection to close but revealing some\ninformation about the previous data. If the same connection was\nattempted repeatedly the attacker may eventually have been able to\ndecrypt the data being sent, such as a password. \nCVE-ID\nCVE-2011-3389\n\nHome screen\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: Switching between applications may lead to the disclosure of\nsensitive application information\nDescription: When switching between applications with the four-\nfinger app switching gesture, the display could have revealed the\nprevious application state. This issue is addressed by ensuring that\nthe system properly calls the applicationWillResignActive: method\nwhen transitioning between applications. \nCVE-ID\nCVE-2011-3431 : Abe White of Hedonic Software Inc. \nCVE-ID\nCVE-2011-0206 : David Bienvenu of Mozilla\n\nKernel\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: A remote attacker may cause a device reset\nDescription: The kernel failed to promptly reclaim memory from\nincomplete TCP connections. \nCVE-ID\nCVE-2011-3259 : Wouter van der Veer of Topicus I\u0026I, and Josh Enders\n\nKernel\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: A local user may be able to cause a system reset\nDescription: A null dereference issue existed in the handling of\nIPV6 socket options. \nCVE-ID\nCVE-2011-1132 : Thomas Clement of Intego\n\nKeyboards\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: A user may be able to determine information about the last\ncharacter of a password\nDescription: The keyboard used to type the last character of a\npassword was briefly displayed the next time the keyboard was used. \nCVE-ID\nCVE-2011-0184 : Tobias Klein working with iDefense VCP\n\nSafari\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: Opening maliciously crafted files on certain websites may\nlead to a cross-site scripting attack\nDescription: iOS did not support the \u0027attachment\u0027 value for the HTTP\nContent-Disposition header. This header is used by many websites to\nserve files that were uploaded to the site by a third-party, such as\nattachments in web-based e-mail applications. \nCVE-ID\nCVE-2011-3426 : Christian Matthies working with iDefense VCP,\nYoshinori Oota from Business Architects Inc working with JP/CERT\n\nSettings\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: An attacker with physical access to a device may be able to\nrecover the restrictions passcode\nDescription: The parental restrictions functionality enforces UI\nrestrictions. Configuring parental restrictions is protected by a\npasscode, which was previously stored in plaintext on disk. This\nissue is addressed by securely storing the parental restrictions\npasscode in the system keychain. \nCVE-ID\nCVE-2011-3429 : an anonymous reporter\n\nSettings\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: Misleading UI\nDescription: Configurations and settings applied via configuration\nprofiles did not appear to function properly under any non-English\nlanguage. Settings could be improperly displayed as a result. \nCVE-ID\nCVE-2011-3430 : Florian Kreitmaier of Siemens CERT\n\nUIKit Alerts\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: Visiting a malicious website may cause an unexpected device\nhang\nDescription: An excessive maximum text layout length permitted\nmalicious websites to cause iOS to hang when drawing acceptance\ndialogs for very long tel: URIs. \nCVE-ID\nCVE-2011-0218 : SkyLined of Google Chrome Security Team\nCVE-2011-0221 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0222 : Nikita Tarakanov and Alex Bazhanyuk of the CISS\nResearch Team, and Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0225 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0232 : J23 working with TippingPoint\u0027s Zero Day Initiative\nCVE-2011-0233 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-0234 : Rob King working with TippingPoint\u0027s Zero Day\nInitiative, wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-0235 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-0238 : Adam Barth of Google Chrome Security Team\nCVE-2011-0254 : An anonymous researcher working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0255 : An anonymous reporter working with TippingPoint\u0027s\nZero Day Initiative\nCVE-2011-0981 : Rik Cabanier of Adobe Systems, Inc\nCVE-2011-0983 : Martin Barbella\nCVE-2011-1109 : Sergey Glazunov\nCVE-2011-1114 : Martin Barbella\nCVE-2011-1115 : Martin Barbella\nCVE-2011-1117 : wushi of team509\nCVE-2011-1121 : miaubiz\nCVE-2011-1188 : Martin Barbella\nCVE-2011-1203 : Sergey Glazunov\nCVE-2011-1204 : Sergey Glazunov\nCVE-2011-1288 : Andreas Kling of Nokia\nCVE-2011-1293 : Sergey Glazunov\nCVE-2011-1296 : Sergey Glazunov\nCVE-2011-1449 : Marek Majkowski\nCVE-2011-1451 : Sergey Glazunov\nCVE-2011-1453 : wushi of team509 working with TippingPoint\u0027s Zero Day\nInitiative\nCVE-2011-1457 : John Knottenbelt of Google\nCVE-2011-1462 : wushi of team509\nCVE-2011-1797 : wushi of team509\nCVE-2011-2338 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2339 : Cris Neckar of the Google Chrome Security Team\nCVE-2011-2341 : Apple\nCVE-2011-2351 : miaubiz\nCVE-2011-2352 : Apple\nCVE-2011-2354 : Apple\nCVE-2011-2356 : Adam Barth and Abhishek Arya of Google Chrome\nSecurity Team using AddressSanitizer\nCVE-2011-2359 : miaubiz\nCVE-2011-2788 : Mikolaj Malecki of Samsung\nCVE-2011-2790 : miaubiz\nCVE-2011-2792 : miaubiz\nCVE-2011-2797 : miaubiz\nCVE-2011-2799 : miaubiz\nCVE-2011-2809 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam\nCVE-2011-2813 : Cris Neckar of Google Chrome Security Team using\nAddressSanitizer\nCVE-2011-2814 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2816 : Apple\nCVE-2011-2817 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-2818 : Martin Barbella\nCVE-2011-2820 : Raman Tenneti and Philip Rogers of Google\nCVE-2011-2823 : SkyLined of Google Chrome Security Team\nCVE-2011-2827 : miaubiz\nCVE-2011-2831 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-3232 : Aki Helin of OUSPG\nCVE-2011-3234 : miaubiz\nCVE-2011-3235 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the\nChromium development community, and Abhishek Arya (Inferno) of Google\nChrome Security Team\nCVE-2011-3236 : Abhishek Arya (Inferno) of Google Chrome Security\nTeam using AddressSanitizer\nCVE-2011-3237 : Dimitri Glazkov, Kent Tamura, Dominic Cooney of the\nChromium development community, and Abhishek Arya (Inferno) of Google\nChrome Security Team\nCVE-2011-3244 : vkouchna\n\nWebKit\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-origin issue existed in the handling of URLs\nwith an embedded username. \nCVE-ID\nCVE-2011-1295 : Sergey Glazunov\n\nWebKit\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: A maliciously crafted website may be able to cause a\ndifferent URL to be shown in the address bar\nDescription: A URL spoofing issue existed in the handling of the DOM\nhistory object. Visiting a maliciously crafted website may lead to arbitrary\nfiles being created with the privileges of the user, which may lead\nto arbitrary code execution. \nCVE-ID\nCVE-2011-0166 : Michal Zalewski of Google Inc. \nCVE-ID\nCVE-2011-2800 : Juho Nurminen\n\nWiFi\nAvailable for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4,\niOS 3.1 through 4.3.5 for iPod touch (3rd generation) and later,\niOS 3.2 through 4.3.5 for iPad\nImpact: WiFi credentials may be logged to a local file\nDescription: WiFi credentials including the passphrase and\nencryption keys were logged to a file that was readable by\napplications on the system. This is resolved by no longer logging\nthese credentials. Make sure you have an Internet connection and have\ninstalled the latest version of iTunes from www.apple.com/itunes/\n\niTunes will automatically check Apple\u0027s update server on its weekly\nschedule. When an update is detected, it will download it. When\nthe iPhone, iPod touch or iPad is docked, iTunes will present the\nuser with the option to install the update. We recommend applying\nthe update immediately if possible. Selecting Don\u0027t Install will\npresent the option the next time you connect your iPhone, iPod touch,\nor iPad. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes checks for updates. You may manually obtain the\nupdate via the Check for Updates button within iTunes. After doing\nthis, the update can be applied when your iPhone, iPod touch, or iPad\nis docked to your computer. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update will be\n\"5 (9A334)\"",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0259"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002452"
},
{
"db": "BID",
"id": "50067"
},
{
"db": "VULHUB",
"id": "VHN-48204"
},
{
"db": "PACKETSTORM",
"id": "105708"
},
{
"db": "PACKETSTORM",
"id": "105790"
},
{
"db": "PACKETSTORM",
"id": "105738"
},
{
"db": "PACKETSTORM",
"id": "105723"
},
{
"db": "PACKETSTORM",
"id": "105736"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0259",
"trust": 3.1
},
{
"db": "BID",
"id": "50067",
"trust": 1.4
},
{
"db": "USCERT",
"id": "TA11-286A",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002452",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201110-216",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "46339",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "17909",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2011-10-11-1",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-48204",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105708",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105790",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105738",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105723",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105736",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48204"
},
{
"db": "BID",
"id": "50067"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002452"
},
{
"db": "PACKETSTORM",
"id": "105708"
},
{
"db": "PACKETSTORM",
"id": "105790"
},
{
"db": "PACKETSTORM",
"id": "105738"
},
{
"db": "PACKETSTORM",
"id": "105723"
},
{
"db": "PACKETSTORM",
"id": "105736"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-216"
},
{
"db": "NVD",
"id": "CVE-2011-0259"
}
]
},
"id": "VAR-201110-0173",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48204"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T19:38:43.651000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT4981",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4981"
},
{
"title": "HT4999",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT4999"
},
{
"title": "HT5002",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5002"
},
{
"title": "iTunesSetup",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=40891"
},
{
"title": "iTunes64Setup",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=40890"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002452"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-216"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48204"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002452"
},
{
"db": "NVD",
"id": "CVE-2011-0259"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://support.apple.com/kb/ht4981"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2011//oct/msg00000.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2011//oct/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2011//oct/msg00003.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/50067"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht4999"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht5002"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16919"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0259"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu706419"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnta11-286a"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu177979"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0259"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/46339"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/17909"
},
{
"trust": 0.3,
"url": "http://software.cisco.com/download/navigator.html?mdfid=283613663"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0259"
},
{
"trust": 0.3,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.3,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0235"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0254"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0238"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0983"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1117"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1109"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1115"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0233"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0234"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0255"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0981"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0222"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1114"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0221"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0218"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0225"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0232"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0187"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0253"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0240"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0237"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0200"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1121"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0223"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0215"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0204"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0164"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1823"
},
{
"trust": 0.1,
"url": "http://www.apple.com/itunes/download/"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta11-286a.html\u003e"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1338\u003e"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht5002\u003e"
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/cas/signup.html\u003e."
},
{
"trust": 0.1,
"url": "http://www.us-cert.gov/legal.html\u003e"
},
{
"trust": 0.1,
"url": "http://tomcat.apache.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0185"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0411"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0230"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0226"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3718"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0097"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0231"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4022"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht5000"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2089"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0229"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2227"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4645"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0251"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3613"
},
{
"trust": 0.1,
"url": "http://www.freetype.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0419"
},
{
"trust": 0.1,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3614"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1634"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-3436"
},
{
"trust": 0.1,
"url": "http://www.libpng.org/pub/png/libpng.html"
},
{
"trust": 0.1,
"url": "http://www.php.net/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-4172"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0249"
},
{
"trust": 0.1,
"url": "http://mail.python.org/pipermail/mailman-"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0250"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0013"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1157"
},
{
"trust": 0.1,
"url": "http://www.postfix.org/announcements/postfix-2.7.3.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0252"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0224"
},
{
"trust": 0.1,
"url": "http://www.python.org/download/releases/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/46339/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46339"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/46339/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/ovum_2011_request/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://www.apple.com/itunes/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0184"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0206"
},
{
"trust": 0.1,
"url": "https://www.trapkit.de"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0166"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0242"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0241"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0216"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1107"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0208"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0192"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48204"
},
{
"db": "BID",
"id": "50067"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002452"
},
{
"db": "PACKETSTORM",
"id": "105708"
},
{
"db": "PACKETSTORM",
"id": "105790"
},
{
"db": "PACKETSTORM",
"id": "105738"
},
{
"db": "PACKETSTORM",
"id": "105723"
},
{
"db": "PACKETSTORM",
"id": "105736"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-216"
},
{
"db": "NVD",
"id": "CVE-2011-0259"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-48204"
},
{
"db": "BID",
"id": "50067"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-002452"
},
{
"db": "PACKETSTORM",
"id": "105708"
},
{
"db": "PACKETSTORM",
"id": "105790"
},
{
"db": "PACKETSTORM",
"id": "105738"
},
{
"db": "PACKETSTORM",
"id": "105723"
},
{
"db": "PACKETSTORM",
"id": "105736"
},
{
"db": "CNNVD",
"id": "CNNVD-201110-216"
},
{
"db": "NVD",
"id": "CVE-2011-0259"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-48204"
},
{
"date": "2011-10-11T00:00:00",
"db": "BID",
"id": "50067"
},
{
"date": "2011-10-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002452"
},
{
"date": "2011-10-12T02:01:36",
"db": "PACKETSTORM",
"id": "105708"
},
{
"date": "2011-10-14T05:50:20",
"db": "PACKETSTORM",
"id": "105790"
},
{
"date": "2011-10-13T02:35:35",
"db": "PACKETSTORM",
"id": "105738"
},
{
"date": "2011-10-12T05:48:44",
"db": "PACKETSTORM",
"id": "105723"
},
{
"date": "2011-10-13T02:28:22",
"db": "PACKETSTORM",
"id": "105736"
},
{
"date": "2011-10-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201110-216"
},
{
"date": "2011-10-12T18:55:01.177000",
"db": "NVD",
"id": "CVE-2011-0259"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-48204"
},
{
"date": "2015-03-19T08:46:00",
"db": "BID",
"id": "50067"
},
{
"date": "2011-10-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-002452"
},
{
"date": "2011-10-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201110-216"
},
{
"date": "2024-11-21T01:23:39.340000",
"db": "NVD",
"id": "CVE-2011-0259"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201110-216"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apple iTunes Used in CoreFoundation Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-002452"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201110-216"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.