FKIE_CVE-2011-2820

Vulnerability from fkie_nvd - Published: 2011-10-12 18:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
References
chrome-cve-admin@google.comhttp://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html
chrome-cve-admin@google.comhttp://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
chrome-cve-admin@google.comhttp://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html
chrome-cve-admin@google.comhttp://support.apple.com/kb/HT4981
chrome-cve-admin@google.comhttp://support.apple.com/kb/HT4999
chrome-cve-admin@google.comhttp://support.apple.com/kb/HT5000
chrome-cve-admin@google.comhttp://www.securityfocus.com/bid/50066
chrome-cve-admin@google.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17211
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT4981
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT4999
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT5000
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/50066
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17211
Impacted products
Vendor Product Version
apple itunes *
apple itunes 4.0.0
apple itunes 4.0.1
apple itunes 4.1.0
apple itunes 4.2.0
apple itunes 4.5.0
apple itunes 4.6.0
apple itunes 4.7.0
apple itunes 4.7.1
apple itunes 4.7.2
apple itunes 4.8.0
apple itunes 4.9.0
apple itunes 5.0.0
apple itunes 5.0.1
apple itunes 6.0.0
apple itunes 6.0.1
apple itunes 6.0.2
apple itunes 6.0.3
apple itunes 6.0.4
apple itunes 6.0.5
apple itunes 7.0.0
apple itunes 7.0.1
apple itunes 7.0.2
apple itunes 7.1.0
apple itunes 7.1.1
apple itunes 7.2.0
apple itunes 7.3.0
apple itunes 7.3.1
apple itunes 7.3.2
apple itunes 7.4.0
apple itunes 7.4.1
apple itunes 7.4.2
apple itunes 7.4.3
apple itunes 7.5.0
apple itunes 7.6.0
apple itunes 7.6.1
apple itunes 7.6.2
apple itunes 7.7.0
apple itunes 7.7.1
apple itunes 8.0.0
apple itunes 8.0.1
apple itunes 9.0.0
apple itunes 9.0.1
apple itunes 9.0.2
apple itunes 9.0.3
apple itunes 9.1
apple itunes 9.1.1
apple itunes 9.2
apple itunes 9.2.1
apple itunes 10.0
apple itunes 10.0.1
apple itunes 10.1
apple itunes 10.1.1
apple itunes 10.1.2
apple itunes 10.2
apple itunes 10.3
apple itunes 10.3.1
apple itunes 10.4
apple webkit *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3945FBC4-84DB-4121-982A-9B39EB860E03",
              "versionEndIncluding": "10.4.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CBD58D1-C40D-4F6D-816F-A3842897EB05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C910CA4-5EA5-4507-BDE9-3E6C1434B666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0415D4B8-0281-4ED5-B3A1-A97BDD0F8D36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1B4195D-1550-42D1-B562-0E438F7ACC2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1206A192-A22C-4C55-A323-1D28D89BED21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52E156DE-12B4-4E7A-B8C4-C2FC0AC2B2C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "93748DFC-6003-4BED-87F9-98713F6897EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFB9D7E1-B715-4A93-9CDB-99A89C7D85B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A8873F1-4792-41A1-83B5-B85C9F4A7D56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB84AFE4-2694-475A-80D3-4D50C524EE18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:4.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB20AA2E-5DF0-420C-A1FE-BB6EBA9649FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8343D87F-FA37-4225-B27D-BCCDD2433C31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B591AE1E-02DB-462A-B71F-48947525D232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "34B5892B-0377-4D81-9E0E-94B8D8CE72C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2276BED4-82F0-4F62-AA6F-7E1667F28E3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "45D47548-1C4D-4368-99D1-929905DD6B3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "28AE8D2D-63CA-4091-9D59-CE919EB1FD75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC9E22D2-551A-4CDF-B9F0-C45A3A2B7695",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D62A1C5D-C25E-4E56-8FD0-F90C8E39C7F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "582D1FE8-C4E8-4385-B4EB-34320F019E43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF61CE34-5130-4B1A-B7A2-B28C1A18B9BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FEE6DEC-9B26-47F4-A2CF-CA49981C8864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2223B8E2-346A-4C37-9F6C-879F9CA64C06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93E5227C-0621-43EE-A0F2-4B4545D71852",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB69B123-7A09-4855-9846-E8ACACB3C6F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0CC53F2-3827-4CA3-8726-C481B57B4AB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C1AFF8F-BBCA-4C93-A401-F8B478327BFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA3571F-9221-45CD-9798-CC72CA428D6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "017E5A35-D778-46FD-A536-E57A13162675",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6122C685-4F02-476F-9A41-9C62D3D92651",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D37426-00A0-40E5-A27A-CF31D8CBAEEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E11CADC-AFCC-4A98-9271-C35BC9752B40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3856A348-A0D6-4A0A-A8C9-D369CC863A97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "670656BF-2BE2-41ED-854A-466DC4068FBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDE7F79F-54F5-4315-98BD-414CA2D1C51E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBBF2E9F-0F37-4DDA-9704-B31D94745257",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1143A4DE-F75B-4396-9D01-CE14EF8FCB39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:7.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDF87AB4-B3F3-4774-8CE3-A2B46C3D8DC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A02D076B-5900-401D-9B47-5136B9CEAA15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E479501-8832-41B0-A63C-360AE5A1B420",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:9.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E41B2E2A-CE22-49FD-9558-0E6C87F53425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:9.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1950796-DA96-4443-85F4-91FE38A26612",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:9.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5EBED9A-DCF4-47FE-9A6D-4573594AA645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:9.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F7EA3F3-576C-4661-B35F-EC34CE363125",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6775CF5C-2083-4622-9D9B-DF7AB4F07422",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:9.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C84CFAD-5D0F-4BBE-A603-D7A2E8BFB28F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C3A6055-2626-4A6E-9596-9974E7437FB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:9.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "00AF4F28-A71C-4CB3-8F5F-C15500332954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5817849-ADD0-4905-87D5-4D61DB635747",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "96E90253-3F7D-4361-819B-5D49657F4472",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84336EBA-5EC0-4C49-B1B9-9DAB23D5C3C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CDE68E5-744B-4E18-BB74-83D7185E6A57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2375C00-64ED-4027-810F-BA9E561385D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C720899-5ED4-4B7F-B90F-043DE7D91C44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1CA3CEB-11D9-4B24-82A1-D7EE77C2E7B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FF65883-4445-4436-98C5-35D9D2E1907B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:itunes:10.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CCD602-FC35-4FD5-B976-4B585C5AA254",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1."
    },
    {
      "lang": "es",
      "value": "WebKit, como el usado en iTunes de Apple anterior a v10.5, permite que atacantes de man-in-the-middle ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de vectores relacionados con la navegaci\u00f3n en iTunes Store, una vulnerabilidad diferente a otros CVEa que figuran en APPLE-SA -2011-10-11-1."
    }
  ],
  "id": "CVE-2011-2820",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-10-12T18:55:01.770",
  "references": [
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://support.apple.com/kb/HT4981"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://support.apple.com/kb/HT4999"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://support.apple.com/kb/HT5000"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "http://www.securityfocus.com/bid/50066"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17211"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4981"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4999"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT5000"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/50066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17211"
    }
  ],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.