var-201209-0166
Vulnerability from variot
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. WebKit is prone to multiple unspecified memory-corruption vulnerabilities. An attacker can exploit these issues by enticing an unsuspecting user into visiting a malicious webpage with a vulnerable application. Few technical details are currently available. We will update this BID when more information emerges. Successful exploits will allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. Vulnerabilities exist in using WebKit in versions prior to Apple iTunes 10.7. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2013-01-28-1 iOS 6.1 Software Update
iOS 6.1 Software Update is now available and addresses the following:
Identity Services Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Authentication relying on certificate-based Apple ID authentication may be bypassed Description: An error handling issue existed in Identity Services. If the user's AppleID certificate failed to validate, the user's AppleID was assumed to be the empty string. If multiple systems belonging to different users enter this state, applications relying on this identity determination may erroneously extend trust. This issue was addressed by ensuring that NULL is returned instead of an empty string. CVE-ID CVE-2013-0963
International Components for Unicode Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A canonicalization issue existed in the handling of the EUC-JP encoding, which could lead to a cross-site scripting attack on EUC-JP encoded websites. This issue was addressed by updating the EUC-JP mapping table. CVE-ID CVE-2011-3058 : Masato Kinugawa
Kernel Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: A user-mode process may be able to access the first page of kernel memory Description: The iOS kernel has checks to validate that the user- mode pointer and length passed to the copyin and copyout functions would not result in a user-mode process being able to directly access kernel memory. The checks were not being used if the length was smaller than one page. This issue was addressed through additional validation of the arguments to copyin and copyout. CVE-ID CVE-2013-0964 : Mark Dowd of Azimuth Security
Security Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information Description: Several intermediate CA certificates were mistakenly issued by TURKTRUST. This may allow a man-in-the-middle attacker to redirect connections and intercept user credentials or other sensitive information. This issue was addressed by not allowing the incorrect SSL certificates.
StoreKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: JavaScript may be enabled in Mobile Safari without user interaction Description: If a user disabled JavaScript in Safari Preferences, visiting a site which displayed a Smart App Banner would re-enable JavaScript without warning the user. This issue was addressed by not enabling JavaScript when visiting a site with a Smart App Banner. CVE-ID CVE-2013-0974 : Andrew Plotkin of Zarfhome Software Consulting, Ben Madison of BitCloud, Marek Durcek
WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling. CVE-ID CVE-2012-2824 : miaubiz CVE-2012-2857 : Arthur Gerkis CVE-2012-3606 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3607 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3621 : Skylined of the Google Chrome Security Team CVE-2012-3632 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2012-3687 : kuzzcc CVE-2012-3701 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0948 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0949 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0950 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0951 : Apple CVE-2013-0952 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0953 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0954 : Dominic Cooney of Google and Martin Barbella of the Google Chrome Security Team CVE-2013-0955 : Apple CVE-2013-0956 : Apple Product Security CVE-2013-0958 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0959 : Abhishek Arya (Inferno) of the Google Chrome Security Team CVE-2013-0968 : Aaron Nelson
WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Copying and pasting content on a malicious website may lead to a cross-site scripting attack Description: A cross-site scripting issue existed in the handling of content pasted from a different origin. This issue was addressed through additional validation of pasted content. CVE-ID CVE-2013-0962 : Mario Heiderich of Cure53
WebKit Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-site scripting issue existed in the handling of frame elements. This issue was addressed through improved origin tracking. CVE-ID CVE-2012-2889 : Sergey Glazunov
WiFi Available for: iPhone 3GS, iPhone 4, iPod touch (4th generation), iPad 2 Impact: A remote attacker on the same WiFi network may be able to temporarily disable WiFi Description: An out of bounds read issue exists in Broadcom's BCM4325 and BCM4329 firmware's handling of 802.11i information elements. This issue was addressed through additional validation of 802.11i information elements. CVE-ID CVE-2012-2619 : Andres Blanco and Matias Eissler of Core Security
Installation note:
This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from www.apple.com/itunes/
iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
- Navigate to Settings
- Select General
- Select About. The version after applying this update will be "6.1".
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJRBffvAAoJEPefwLHPlZEwzYgP/0qhsTft9TUGuphoY9tth5WB D0+8pAKs+1HU+nMOaEKPbK+zdMxblhRNPQyhMuTAQaY5Z/iGn1EXVCTlQBO8esRW epxNZuhFoaW4wzK9kvw5d/HZ9tfq059ozlFOp1TI2D6J5RwNgxDfigt2PUKCTV4X u/BONQHIfINYMofgf5897LHYYFSU2+NJj5ouM5dY4Y/kfJkwAnG5AWCAGlEt3QOo MZdaVv3/itPj4te838FYCVAepel3xBWX0Hhuu87+waHslRrIfQl+EvNk3YZXxWiF O5Hw9Ng/H8n0sbeA39w0U8tw+q/wPhVexdULgRjBH65+6g7Cu5u+rMuYuRjl8fO/ glLhKZNSrQDa5ZNOraOrF62AFVByHaSxv4cZwo262/6uH93FIBtklMt947GMVQLC 1FT0CIGNJb1/0156bvsABfRScBtK9ZdIUjXhOHMinhQJX3qiBqyKc4/juYPmC9VC KXk2/K8b0sGWQRc5RuQsSpzkZF9WcrwmgGOBIghp2DLmbAAj0uh2Ttf1GdrOaajR XpZ2TTJ5qE+IHNU0/etroTYnzjKVjQ0pODrPZj7ALLXULTraXJRJy7fqraUzsHbi AZiRca+3x/S9nqV0NpTNPZgTwxenox10t0w5vhcBK+SPGga1oVRbtOjGtVIkgoG4 KI3sdgb6PtpZWuIJ6iZA =J2jv -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201209-0166",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "itunes",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "10.5.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "10.5"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.9,
"vendor": "apple",
"version": "10.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.1.1.4"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.2.2.12"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.1.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.1.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.6,
"vendor": "apple",
"version": "10.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "10.6"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.3,
"vendor": "apple",
"version": "10.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.4"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "8.0.1"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.3"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.0.80"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.3.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.6.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.4.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.5.3"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.2.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.5"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.6"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "9.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.1.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.1.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "9.2.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.5"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "9.0.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "5.0.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "9.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.3.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.5.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.4.3"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.7.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.9.0"
},
{
"model": "iphone os",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.7.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.7"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.2.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.6"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "8.0.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "9.0.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.5"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.6.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.7.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.4.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.7"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.5.1.42"
},
{
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.7.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.4.1"
},
{
"model": "itunes",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.3"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.5.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "9.1.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.7.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.6.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.5.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.3.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "9.2"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.6.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.1.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.8.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.6.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "5.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.4.1.10"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "6.0.4"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "9.0.3"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "4.0.0"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.3"
},
{
"model": "itunes",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "7.0.2"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "6.1 (ipad 2 or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "6.1 (iphone 3gs or later )"
},
{
"model": "ios",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "6.1 (ipod touch first 4 after generation )"
},
{
"model": "itunes",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "10.7"
},
{
"model": "safari",
"scope": "lt",
"trust": 0.8,
"vendor": "apple",
"version": "6.0.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.6,
"vendor": "apple",
"version": "10.6.3"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.5"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.3"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "1.2.2"
},
{
"model": "open source project webkit r82222",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r77705",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r52833",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r52401",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r51295",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r38566",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit r105591",
"scope": null,
"trust": 0.3,
"vendor": "webkit",
"version": null
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "2"
},
{
"model": "open source project webkit",
"scope": "eq",
"trust": 0.3,
"vendor": "webkit",
"version": "0"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "12.04"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.7"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.4"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "safari",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "itunes",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "10"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.0.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3.5"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "4"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "3.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "2.0"
}
],
"sources": [
{
"db": "BID",
"id": "55534"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004362"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-261"
},
{
"db": "NVD",
"id": "CVE-2012-3687"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:apple:iphone_os",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:itunes",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:apple:safari",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004362"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Martin Barbella of the Google Chrome Security Team, miaubiz, Abhishek Arya of the Google Chrome Security Team, Skylined of the Google Chrome Security Team, Yong Li of Research In Motion, Apple Product Security, Dominic Cooney of Google, Apple, Mario Gomes",
"sources": [
{
"db": "BID",
"id": "55534"
}
],
"trust": 0.3
},
"cve": "CVE-2012-3687",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2012-3687",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-3687",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-56968",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-3687",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-3687",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201209-261",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-56968",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56968"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004362"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-261"
},
{
"db": "NVD",
"id": "CVE-2012-3687"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1. WebKit is prone to multiple unspecified memory-corruption vulnerabilities. \nAn attacker can exploit these issues by enticing an unsuspecting user into visiting a malicious webpage with a vulnerable application. \nFew technical details are currently available. We will update this BID when more information emerges. \nSuccessful exploits will allow attackers to execute arbitrary code in the context of the affected browser or cause denial-of-service conditions; other attacks may also be possible. WebKit is a set of open source web browser engines jointly developed by companies such as KDE, Apple (Apple), and Google (Google), and is currently used by browsers such as Apple Safari and Google Chrome. Vulnerabilities exist in using WebKit in versions prior to Apple iTunes 10.7. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2013-01-28-1 iOS 6.1 Software Update\n\niOS 6.1 Software Update is now available and addresses the following:\n\nIdentity Services\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Authentication relying on certificate-based Apple ID\nauthentication may be bypassed\nDescription: An error handling issue existed in Identity Services. \nIf the user\u0027s AppleID certificate failed to validate, the user\u0027s\nAppleID was assumed to be the empty string. If multiple systems\nbelonging to different users enter this state, applications relying\non this identity determination may erroneously extend trust. This\nissue was addressed by ensuring that NULL is returned instead of an\nempty string. \nCVE-ID\nCVE-2013-0963\n\nInternational Components for Unicode\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A canonicalization issue existed in the handling of the\nEUC-JP encoding, which could lead to a cross-site scripting attack on\nEUC-JP encoded websites. This issue was addressed by updating the\nEUC-JP mapping table. \nCVE-ID\nCVE-2011-3058 : Masato Kinugawa\n\nKernel\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: A user-mode process may be able to access the first page of\nkernel memory\nDescription: The iOS kernel has checks to validate that the user-\nmode pointer and length passed to the copyin and copyout functions\nwould not result in a user-mode process being able to directly access\nkernel memory. The checks were not being used if the length was\nsmaller than one page. This issue was addressed through additional\nvalidation of the arguments to copyin and copyout. \nCVE-ID\nCVE-2013-0964 : Mark Dowd of Azimuth Security\n\nSecurity\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: An attacker with a privileged network position may intercept\nuser credentials or other sensitive information\nDescription: Several intermediate CA certificates were mistakenly\nissued by TURKTRUST. This may allow a man-in-the-middle attacker to\nredirect connections and intercept user credentials or other\nsensitive information. This issue was addressed by not allowing the\nincorrect SSL certificates. \n\nStoreKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: JavaScript may be enabled in Mobile Safari without user\ninteraction\nDescription: If a user disabled JavaScript in Safari Preferences,\nvisiting a site which displayed a Smart App Banner would re-enable\nJavaScript without warning the user. This issue was addressed by not\nenabling JavaScript when visiting a site with a Smart App Banner. \nCVE-ID\nCVE-2013-0974 : Andrew Plotkin of Zarfhome Software Consulting, Ben\nMadison of BitCloud, Marek Durcek\n\nWebKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nThese issues were addressed through improved memory handling. \nCVE-ID\nCVE-2012-2824 : miaubiz\nCVE-2012-2857 : Arthur Gerkis\nCVE-2012-3606 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3607 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3621 : Skylined of the Google Chrome Security Team\nCVE-2012-3632 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2012-3687 : kuzzcc\nCVE-2012-3701 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0948 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0949 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0950 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0951 : Apple\nCVE-2013-0952 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0953 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0954 : Dominic Cooney of Google and Martin Barbella of the\nGoogle Chrome Security Team\nCVE-2013-0955 : Apple\nCVE-2013-0956 : Apple Product Security\nCVE-2013-0958 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0959 : Abhishek Arya (Inferno) of the Google Chrome Security\nTeam\nCVE-2013-0968 : Aaron Nelson\n\nWebKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Copying and pasting content on a malicious website may lead\nto a cross-site scripting attack\nDescription: A cross-site scripting issue existed in the handling of\ncontent pasted from a different origin. This issue was addressed\nthrough additional validation of pasted content. \nCVE-ID\nCVE-2013-0962 : Mario Heiderich of Cure53\n\nWebKit\nAvailable for: iPhone 3GS and later,\niPod touch (4th generation) and later, iPad 2 and later\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-site scripting issue existed in the handling of\nframe elements. This issue was addressed through improved origin\ntracking. \nCVE-ID\nCVE-2012-2889 : Sergey Glazunov\n\nWiFi\nAvailable for: iPhone 3GS, iPhone 4, iPod touch (4th generation),\niPad 2\nImpact: A remote attacker on the same WiFi network may be able to\ntemporarily disable WiFi\nDescription: An out of bounds read issue exists in Broadcom\u0027s\nBCM4325 and BCM4329 firmware\u0027s handling of 802.11i information\nelements. This issue was addressed through additional validation of\n802.11i information elements. \nCVE-ID\nCVE-2012-2619 : Andres Blanco and Matias Eissler of Core Security\n\n\nInstallation note:\n\nThis update is available through iTunes and Software Update on your\niOS device, and will not appear in your computer\u0027s Software Update\napplication, or in the Apple Downloads site. Make sure you have an\nInternet connection and have installed the latest version of iTunes\nfrom www.apple.com/itunes/\n\niTunes and Software Update on the device will automatically check\nApple\u0027s update server on its weekly schedule. When an update is\ndetected, it is downloaded and the option to be installed is\npresented to the user when the iOS device is docked. We recommend\napplying the update immediately if possible. Selecting Don\u0027t Install\nwill present the option the next time you connect your iOS device. \n\nThe automatic update process may take up to a week depending on the\nday that iTunes or the device checks for updates. You may manually\nobtain the update via the Check for Updates button within iTunes, or\nthe Software Update on your device. \n\nTo check that the iPhone, iPod touch, or iPad has been updated:\n\n* Navigate to Settings\n* Select General\n* Select About. The version after applying this update\nwill be \"6.1\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJRBffvAAoJEPefwLHPlZEwzYgP/0qhsTft9TUGuphoY9tth5WB\nD0+8pAKs+1HU+nMOaEKPbK+zdMxblhRNPQyhMuTAQaY5Z/iGn1EXVCTlQBO8esRW\nepxNZuhFoaW4wzK9kvw5d/HZ9tfq059ozlFOp1TI2D6J5RwNgxDfigt2PUKCTV4X\nu/BONQHIfINYMofgf5897LHYYFSU2+NJj5ouM5dY4Y/kfJkwAnG5AWCAGlEt3QOo\nMZdaVv3/itPj4te838FYCVAepel3xBWX0Hhuu87+waHslRrIfQl+EvNk3YZXxWiF\nO5Hw9Ng/H8n0sbeA39w0U8tw+q/wPhVexdULgRjBH65+6g7Cu5u+rMuYuRjl8fO/\nglLhKZNSrQDa5ZNOraOrF62AFVByHaSxv4cZwo262/6uH93FIBtklMt947GMVQLC\n1FT0CIGNJb1/0156bvsABfRScBtK9ZdIUjXhOHMinhQJX3qiBqyKc4/juYPmC9VC\nKXk2/K8b0sGWQRc5RuQsSpzkZF9WcrwmgGOBIghp2DLmbAAj0uh2Ttf1GdrOaajR\nXpZ2TTJ5qE+IHNU0/etroTYnzjKVjQ0pODrPZj7ALLXULTraXJRJy7fqraUzsHbi\nAZiRca+3x/S9nqV0NpTNPZgTwxenox10t0w5vhcBK+SPGga1oVRbtOjGtVIkgoG4\nKI3sdgb6PtpZWuIJ6iZA\n=J2jv\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-3687"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004362"
},
{
"db": "BID",
"id": "55534"
},
{
"db": "VULHUB",
"id": "VHN-56968"
},
{
"db": "PACKETSTORM",
"id": "119897"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-3687",
"trust": 2.9
},
{
"db": "BID",
"id": "55534",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004362",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201209-261",
"trust": 0.7
},
{
"db": "APPLE",
"id": "APPLE-SA-2012-09-12-1",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "20721",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-56968",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "119897",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56968"
},
{
"db": "BID",
"id": "55534"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004362"
},
{
"db": "PACKETSTORM",
"id": "119897"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-261"
},
{
"db": "NVD",
"id": "CVE-2012-3687"
}
]
},
"id": "VAR-201209-0166",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-56968"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T20:51:31.105000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2012-09-12-1",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
},
{
"title": "HT5502",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5502"
},
{
"title": "HT5642",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5642"
},
{
"title": "HT5485",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5485"
},
{
"title": "HT5502",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5502?viewlocale=ja_JP"
},
{
"title": "HT5485",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5485?viewlocale=ja_JP"
},
{
"title": "HT5642",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT5642?viewlocale=ja_JP"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004362"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56968"
},
{
"db": "NVD",
"id": "CVE-2012-3687"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2012/sep/msg00001.html"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht5485"
},
{
"trust": 1.4,
"url": "http://support.apple.com/kb/ht5502"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2012/sep/msg00005.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2013/jan/msg00000.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/55534"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht5642"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a17548"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78529"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3687"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu503755/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3687"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/20721"
},
{
"trust": 0.4,
"url": "http://www.apple.com/itunes/"
},
{
"trust": 0.3,
"url": "http://www.webkit.org/"
},
{
"trust": 0.3,
"url": "http://prod.lists.apple.com/archives/security-announce/2012/sep/msg00001.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0956"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3687"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3632"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0954"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0955"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0948"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0959"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0952"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0958"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3701"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0949"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0962"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0968"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3058"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2857"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2619"
},
{
"trust": 0.1,
"url": "http://gpgtools.org"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0950"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0964"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0951"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0974"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2824"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0953"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3606"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-3607"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-0963"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-56968"
},
{
"db": "BID",
"id": "55534"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004362"
},
{
"db": "PACKETSTORM",
"id": "119897"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-261"
},
{
"db": "NVD",
"id": "CVE-2012-3687"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-56968"
},
{
"db": "BID",
"id": "55534"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-004362"
},
{
"db": "PACKETSTORM",
"id": "119897"
},
{
"db": "CNNVD",
"id": "CNNVD-201209-261"
},
{
"db": "NVD",
"id": "CVE-2012-3687"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-09-13T00:00:00",
"db": "VULHUB",
"id": "VHN-56968"
},
{
"date": "2012-09-12T00:00:00",
"db": "BID",
"id": "55534"
},
{
"date": "2012-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004362"
},
{
"date": "2013-01-30T02:53:29",
"db": "PACKETSTORM",
"id": "119897"
},
{
"date": "2012-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-261"
},
{
"date": "2012-09-13T10:30:20.777000",
"db": "NVD",
"id": "CVE-2012-3687"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-19T00:00:00",
"db": "VULHUB",
"id": "VHN-56968"
},
{
"date": "2013-01-28T21:00:00",
"db": "BID",
"id": "55534"
},
{
"date": "2013-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-004362"
},
{
"date": "2012-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201209-261"
},
{
"date": "2024-11-21T01:41:27.257000",
"db": "NVD",
"id": "CVE-2012-3687"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-261"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Apple Used in products WebKit Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-004362"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201209-261"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…