var-201207-0273
Vulnerability from variot
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. WebKit is prone to multiple unspecified remote code-execution vulnerabilities. Attackers can exploit these issues by performing a man-in-the-middle attack. Successful attacks will result in arbitrary code execution; failed attacks may cause denial-of-service conditions. Note: This issue was previously discussed in BID 54669 (Apple Safari Prior to 6.0 Multiple Security Vulnerabilities), but has been given its own record to better document it. Apple Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with Mac OS X and iOS operating systems. Vulnerabilities exist in using WebKit in versions prior to Apple Safari 6.0. ============================================================================ Ubuntu Security Notice USN-1617-1 October 25, 2012
webkit vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
Multiple security vulnerabilities were fixed in WebKit.
Software Description: - webkit: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKit browser and JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: libjavascriptcoregtk-1.0-0 1.8.3-0ubuntu0.12.04.1 libjavascriptcoregtk-3.0-0 1.8.3-0ubuntu0.12.04.1 libwebkitgtk-1.0-0 1.8.3-0ubuntu0.12.04.1 libwebkitgtk-3.0-0 1.8.3-0ubuntu0.12.04.1
After a standard system update you need to restart your session to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1617-1 CVE-2011-3031, CVE-2011-3038, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3051, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3076, CVE-2011-3081, CVE-2011-3086, CVE-2011-3090, CVE-2012-1521, CVE-2012-3598, CVE-2012-3601, CVE-2012-3604, CVE-2012-3611, CVE-2012-3612, CVE-2012-3617, CVE-2012-3625, CVE-2012-3626, CVE-2012-3627, CVE-2012-3628, CVE-2012-3645, CVE-2012-3652, CVE-2012-3657, CVE-2012-3669, CVE-2012-3670, CVE-2012-3671, CVE-2012-3672, CVE-2012-3674, CVE-2012-3674, https://launchpad.net/bugs/1058339
Package Information: https://launchpad.net/ubuntu/+source/webkit/1.8.3-0ubuntu0.12.04.1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201207-0273",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "safari",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "5.1.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.1.6"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "5.1.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.0.4b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "3.1.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.2b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.1b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.1.0b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.1b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0b2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.5"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.1.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.2b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0b1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.3.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.0b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.2b"
},
{
"model": "safari",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "5.1.7"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.3b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.0b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.1b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.0b1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.0b"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.1.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.2"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.2.0"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "1.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.2.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3"
},
{
"model": "safari",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "3.0.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.9,
"vendor": "apple",
"version": "5.1.7"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "6 (ipad 2 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "6 (iphone 3gs or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "6 (ipod touch first 4 after generation )"
},
{
"model": "itunes",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.7"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "6.0 (mac os)"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.5"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.3"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.2"
},
{
"model": "open source project webkit r82222",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r77705",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r52833",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r52401",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r51295",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r38566",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.x"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.2-1"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.7"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.5"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.4"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.6"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.5"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.4"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.3"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.2"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "safari for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.6"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.5"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0"
},
{
"model": "tv",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.4"
}
],
"sources": [
{
"db": "BID",
"id": "54680"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003362"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-506"
},
{
"db": "NVD",
"id": "CVE-2012-3645"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:itunes",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003362"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dave Mandelin of Mozilla, Martin Barbella of the Google Chrome Security Team using AddressSanitizer, Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP, Skylined of the Google Chrome Security Team, Apple Product Security, miaubiz, Martin Bar",
"sources": [
{
"db": "BID",
"id": "54680"
}
],
"trust": 0.3
},
"cve": "CVE-2012-3645",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2012-3645",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-56926",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-3645",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-3645",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201207-506",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-56926",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56926"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003362"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-506"
},
{
"db": "NVD",
"id": "CVE-2012-3645"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. WebKit is prone to multiple unspecified remote code-execution vulnerabilities. \nAttackers can exploit these issues by performing a man-in-the-middle attack. Successful attacks will result in arbitrary code execution; failed attacks may cause denial-of-service conditions. \nNote: This issue was previously discussed in BID 54669 (Apple Safari Prior to 6.0 Multiple Security Vulnerabilities), but has been given its own record to better document it. Apple Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with Mac OS X and iOS operating systems. Vulnerabilities exist in using WebKit in versions prior to Apple Safari 6.0. ============================================================================\nUbuntu Security Notice USN-1617-1\nOctober 25, 2012\n\nwebkit vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n\nSummary:\n\nMultiple security vulnerabilities were fixed in WebKit. \n\nSoftware Description:\n- webkit: Web content engine library for GTK+\n\nDetails:\n\nA large number of security issues were discovered in the WebKit browser and\nJavaScript engines. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n libjavascriptcoregtk-1.0-0 1.8.3-0ubuntu0.12.04.1\n libjavascriptcoregtk-3.0-0 1.8.3-0ubuntu0.12.04.1\n libwebkitgtk-1.0-0 1.8.3-0ubuntu0.12.04.1\n libwebkitgtk-3.0-0 1.8.3-0ubuntu0.12.04.1\n\nAfter a standard system update you need to restart your session to make all\nthe necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-1617-1\n CVE-2011-3031, CVE-2011-3038, CVE-2011-3042, CVE-2011-3043,\n CVE-2011-3044, CVE-2011-3051, CVE-2011-3053, CVE-2011-3059,\n CVE-2011-3060, CVE-2011-3064, CVE-2011-3067, CVE-2011-3076,\n CVE-2011-3081, CVE-2011-3086, CVE-2011-3090, CVE-2012-1521,\n CVE-2012-3598, CVE-2012-3601, CVE-2012-3604, CVE-2012-3611,\n CVE-2012-3612, CVE-2012-3617, CVE-2012-3625, CVE-2012-3626,\n CVE-2012-3627, CVE-2012-3628, CVE-2012-3645, CVE-2012-3652,\n CVE-2012-3657, CVE-2012-3669, CVE-2012-3670, CVE-2012-3671,\n CVE-2012-3672, CVE-2012-3674, CVE-2012-3674, https://launchpad.net/bugs/1058339\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/webkit/1.8.3-0ubuntu0.12.04.1\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3645"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003362"
},
{
"db": "BID",
"id": "54680"
},
{
"db": "VULHUB",
"id": "VHN-56926"
},
{
"db": "PACKETSTORM",
"id": "117673"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-3645",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003362",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201207-506",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2012-07-25-1",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "20163",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "20147",
"trust": 0.6
},
{
"db": "BID",
"id": "54680",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-56926",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117673",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56926"
},
{
"db": "BID",
"id": "54680"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003362"
},
{
"db": "PACKETSTORM",
"id": "117673"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-506"
},
{
"db": "NVD",
"id": "CVE-2012-3645"
}
]
},
"id": "VAR-201207-0273",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-56926"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:42:41.092000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2012-07-25-1",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
},
{
"title": "HT5503",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5503"
},
{
"title": "HT5485",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5485"
},
{
"title": "HT5400",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5400"
},
{
"title": "HT5400",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5400?viewlocale=ja_JP"
},
{
"title": "HT5503",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5503?viewlocale=ja_JP"
},
{
"title": "HT5485",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5485?viewlocale=ja_JP"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003362"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56926"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003362"
},
{
"db": "NVD",
"id": "CVE-2012-3645"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2012/jul/msg00000.html"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht5400"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2012/sep/msg00001.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2012/sep/msg00003.html"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht5485"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht5503"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3645"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu864819"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu624491"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3645"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20163"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20147"
},
{
"trust": 0.3,
"url": "http://www.apple.com/safari/download/"
},
{
"trust": 0.3,
"url": "http://www.webkit.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3625"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3059"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3067"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3051"
},
{
"trust": 0.1,
"url": "http://www.ubuntu.com/usn/usn-1617-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3628"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3598"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3060"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3031"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3038"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3645"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3064"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3043"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3090"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1058339"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3626"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1521"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3044"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3086"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3053"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3611"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3076"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3604"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3601"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3081"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3652"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3617"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/webkit/1.8.3-0ubuntu0.12.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3042"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3627"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3612"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56926"
},
{
"db": "BID",
"id": "54680"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003362"
},
{
"db": "PACKETSTORM",
"id": "117673"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-506"
},
{
"db": "NVD",
"id": "CVE-2012-3645"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-56926"
},
{
"db": "BID",
"id": "54680"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003362"
},
{
"db": "PACKETSTORM",
"id": "117673"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-506"
},
{
"db": "NVD",
"id": "CVE-2012-3645"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-25T00:00:00",
"db": "VULHUB",
"id": "VHN-56926"
},
{
"date": "2012-07-25T00:00:00",
"db": "BID",
"id": "54680"
},
{
"date": "2012-07-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003362"
},
{
"date": "2012-10-25T20:48:27",
"db": "PACKETSTORM",
"id": "117673"
},
{
"date": "2012-07-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201207-506"
},
{
"date": "2012-07-25T20:55:03.820000",
"db": "NVD",
"id": "CVE-2012-3645"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-09-22T00:00:00",
"db": "VULHUB",
"id": "VHN-56926"
},
{
"date": "2012-10-25T18:40:00",
"db": "BID",
"id": "54680"
},
{
"date": "2012-10-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003362"
},
{
"date": "2012-07-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201207-506"
},
{
"date": "2024-11-21T01:41:19.363000",
"db": "NVD",
"id": "CVE-2012-3645"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "117673"
},
{
"db": "CNNVD",
"id": "CNNVD-201207-506"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Apple Used in products WebKit Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003362"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201207-506"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…