var-201204-0084
Vulnerability from variot
Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. This vulnerability Webkit Vulnerability in Google Chrome Other than Webkit Products that use may also be affected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the library's implementation of a HTMLMedia element. After a source element is created, an attacker can catch the beforeLoad event before the element is used, and delete the element. The pointer to the source element will then be referenced causing a use-after-free condition, which can lead to code execution under the context of the application. Webkit is prone to a remote code-execution vulnerability due to a use-after-free error. Note: This issue was previously discussed in BID 52913 (Google Chrome Prior to 18.0.1025.151 Multiple Security Vulnerabilities) but has been given its own record to better document it. Google Chrome is a web browser developed by Google (Google). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2012-07-25-1 Safari 6.0
Safari 6.0 is now available and addresses the following:
Safari Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A cross-site scripting issue existed in the handling of feed:// URLs. This update removes handling of feed:// URLs. CVE-ID CVE-2012-0678 : Masato Kinugawa
Safari Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Visiting a maliciously crafted website may cause files from the user's system to be sent to a remote server Description: An access control issue existed in the handling of feed:// URLs. This update removes handling of feed:// URLs. CVE-ID CVE-2012-0679 : Aaron Sigel of vtty.com
Safari Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Passwords may autocomplete even when the site specifies that autocomplete should be disabled Description: Password input elements with the autocomplete attribute set to "off" were being autocompleted. This update addresses the issue by improved handling of the autocomplete attribute. CVE-ID CVE-2012-0680 : Dan Poltawski of Moodle
Safari Downloads Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Opening maliciously crafted files on certain websites may lead to a cross-site scripting attack Description: An issue existed in Safari's support for the 'attachment' value for the HTTP Content-Disposition header. This header is used by many websites to serve files that were uploaded to the site by a third-party, such as attachments in web-based e-mail applications. Any script in files served with this header value would run as if the file had been served inline, with full access to other resources on the origin server. This issue is addressed by downloading resources served with this header, rather than displaying them inline. CVE-ID CVE-2011-3426 : Mickey Shkatov of laplinker.com, Kyle Osborn, Hidetake Jo at Microsoft and Microsoft Vulnerability Research (MSVR)
WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in WebKit. These issues are addressed through improved memory handling. CVE-ID CVE-2011-3016 : miaubiz CVE-2011-3021 : Arthur Gerkis CVE-2011-3027 : miaubiz CVE-2011-3032 : Arthur Gerkis CVE-2011-3034 : Arthur Gerkis CVE-2011-3035 : wushi of team509 working with iDefense VCP, Arthur Gerkis CVE-2011-3036 : miaubiz CVE-2011-3037 : miaubiz CVE-2011-3038 : miaubiz CVE-2011-3039 : miaubiz CVE-2011-3040 : miaubiz CVE-2011-3041 : miaubiz CVE-2011-3042 : miaubiz CVE-2011-3043 : miaubiz CVE-2011-3044 : Arthur Gerkis CVE-2011-3050 : miaubiz CVE-2011-3053 : miaubiz CVE-2011-3059 : Arthur Gerkis CVE-2011-3060 : miaubiz CVE-2011-3064 : Atte Kettunen of OUSPG CVE-2011-3068 : miaubiz CVE-2011-3069 : miaubiz CVE-2011-3071 : pa_kt working with HP's Zero Day Initiative CVE-2011-3073 : Arthur Gerkis CVE-2011-3074 : Slawomir Blazek CVE-2011-3075 : miaubiz CVE-2011-3076 : miaubiz CVE-2011-3078 : Martin Barbella of the Google Chrome Security Team CVE-2011-3081 : miaubiz CVE-2011-3086 : Arthur Gerkis CVE-2011-3089 : Skylined of the Google Chrome Security Team, miaubiz CVE-2011-3090 : Arthur Gerkis CVE-2011-3913 : Arthur Gerkis CVE-2011-3924 : Arthur Gerkis CVE-2011-3926 : Arthur Gerkis CVE-2011-3958 : miaubiz CVE-2011-3966 : Aki Helin of OUSPG CVE-2011-3968 : Arthur Gerkis CVE-2011-3969 : Arthur Gerkis CVE-2011-3971 : Arthur Gerkis CVE-2012-0682 : Apple Product Security CVE-2012-0683 : Dave Mandelin of Mozilla CVE-2012-1520 : Martin Barbella of the Google Chrome Security Team using AddressSanitizer, Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP CVE-2012-1521 : Skylined of the Google Chrome Security Team, Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP CVE-2012-3589 : Dave Mandelin of Mozilla CVE-2012-3590 : Apple Product Security CVE-2012-3591 : Apple Product Security CVE-2012-3592 : Apple Product Security CVE-2012-3593 : Apple Product Security CVE-2012-3594 : miaubiz CVE-2012-3595 : Martin Barbella of Google Chrome Security CVE-2012-3596 : Skylined of the Google Chrome Security Team CVE-2012-3597 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer CVE-2012-3599 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer CVE-2012-3600 : David Levin of the Chromium development community CVE-2012-3603 : Apple Product Security CVE-2012-3604 : Skylined of the Google Chrome Security Team CVE-2012-3605 : Cris Neckar of the Google Chrome Security team CVE-2012-3608 : Skylined of the Google Chrome Security Team CVE-2012-3609 : Skylined of the Google Chrome Security Team CVE-2012-3610 : Skylined of the Google Chrome Security Team CVE-2012-3611 : Apple Product Security CVE-2012-3615 : Stephen Chenney of the Chromium development community CVE-2012-3618 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer CVE-2012-3620 : Abhishek Arya of Google Chrome Security Team CVE-2012-3625 : Skylined of Google Chrome Security Team CVE-2012-3626 : Apple Product Security CVE-2012-3627 : Skylined and Abhishek Arya of Google Chrome Security team CVE-2012-3628 : Apple Product Security CVE-2012-3629 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer CVE-2012-3630 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer CVE-2012-3631 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer CVE-2012-3633 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3634 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3635 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3636 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3637 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3638 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3639 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3640 : miaubiz CVE-2012-3641 : Slawomir Blazek CVE-2012-3642 : miaubiz CVE-2012-3644 : miaubiz CVE-2012-3645 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3646 : Julien Chaffraix of the Chromium development community, Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3653 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3655 : Skylined of the Google Chrome Security Team CVE-2012-3656 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer CVE-2012-3661 : Apple Product Security CVE-2012-3663 : Skylined of Google Chrome Security Team CVE-2012-3664 : Thomas Sepez of the Chromium development community CVE-2012-3665 : Martin Barbella of Google Chrome Security Team using AddressSanitizer CVE-2012-3666 : Apple CVE-2012-3667 : Trevor Squires of propaneapp.com CVE-2012-3668 : Apple Product Security CVE-2012-3669 : Apple Product Security CVE-2012-3670 : Abhishek Arya of Google Chrome Security Team using AddressSanitizer, Arthur Gerkis CVE-2012-3674 : Skylined of Google Chrome Security Team CVE-2012-3678 : Apple Product Security CVE-2012-3679 : Chris Leary of Mozilla CVE-2012-3680 : Skylined of Google Chrome Security Team CVE-2012-3681 : Apple CVE-2012-3682 : Adam Barth of the Google Chrome Security Team CVE-2012-3683 : wushi of team509 working with iDefense VCP CVE-2012-3686 : Robin Cao of Torch Mobile (Beijing)
WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Dragging and dropping selected text on a web page may lead to a cross-site information disclosure Description: A cross-origin issue existed in the handling of drag and drop events. This issue is addressed through improved origin tracking. CVE-ID CVE-2012-3689 : David Bloom of Cue
WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Dragging and dropping selected text on a web page may cause files from the user's system to be sent to a remote server Description: An access control issue existed in the handling of drag and drop events. This issue is addressed through improved origin tracking. CVE-ID CVE-2012-3690 : David Bloom of Cue
WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Visiting a maliciously crafted website may lead to a cross- site disclosure of information Description: A cross-origin issue existed in the handling of CSS property values. This issue is addressed through improved origin tracking. CVE-ID CVE-2012-3691 : Apple
WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: A malicious website may be able to replace the contents of an iframe on another site Description: A cross-origin issue existed in the handling of iframes in popup windows. This issue is addressed through improved origin tracking. CVE-ID CVE-2011-3067 : Sergey Glazunov
WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Visiting a maliciously crafted website may lead to a cross- site disclosure of information Description: A cross-origin issue existed in the handling of iframes and fragment identifiers. This issue is addressed through improved origin tracking. CVE-ID CVE-2012-2815 : Elie Bursztein, Baptiste Gourdin, Gustav Rydstedt, and Dan Boneh of the Stanford University Security Laboratory
WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Look-alike characters in a URL could be used to masquerade a website Description: The International Domain Name (IDN) support and Unicode fonts embedded in Safari could have been used to create a URL which contains look-alike characters. These could have been used in a malicious website to direct the user to a spoofed site that visually appears to be a legitimate domain. This issue is addressed by supplementing WebKit's list of known look-alike characters. Look- alike characters are rendered in Punycode in the address bar. CVE-ID CVE-2012-3693 : Matt Cooley of Symantec
WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Dragging and dropping a file to Safari may reveal the filesystem path of the file to the website Description: An information disclosure issue existed in the handling of dragged files. This issue is addressed through improved handling of dragged files. CVE-ID CVE-2012-3694 : Daniel Cheng of Google, Aaron Sigel of vtty.com
WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Visiting a maliciously crafted website may lead to a cross- site scripting attack Description: A canonicalization issue existed in the handling of URLs. This may have led to cross-site scripting on sites which use the location.href property. This issue is addressed through improved canonicalization of URLs. CVE-ID CVE-2012-3695 : Masato Kinugawa
WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Visiting a maliciously crafted website may lead to HTTP request splitting Description: An HTTP header injection issue existed in the handling of WebSockets. This issue is addressed through improved WebSockets URI sanitization. CVE-ID CVE-2012-3696 : David Belcher of the BlackBerry Security Incident Response Team
WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: A maliciously crafted website may be able to spoof the value in the URL bar Description: A state management issue existed in the handling of session history. Navigations to a fragment on the current page may cause Safari to display incorrect information in the URL bar. This issue is addressed through improved session state tracking. CVE-ID CVE-2011-2845 : Jordi Chancel
WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: An attacker may be able to escape the sandbox and access any file the current user has access to Description: An access control issue existed in the handling of file URLs. An attacker who gains arbitrary code execution in a Safari WebProcess may be able to bypass the sandbox and access any file that the user running Safari has access to. This issue is addressed through improved handling of file URLs. CVE-ID CVE-2012-3697 : Aaron Sigel of vtty.com
WebKit Available for: OS X Lion v10.7.4, OS X Lion Server v10.7.4 Impact: Visiting a maliciously crafted website may lead to the disclosure of the disclosure of memory contents Description: An uninitialized memory access issue existed in the handling of SVG images. This issue is addressed through improved memory initialization. CVE-ID CVE-2012-3650 : Apple
Safari 6.0 is available via the Apple Software Update application.
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJQDy1eAAoJEPefwLHPlZEwJRQP/RJ41oMUhox0171MDfV4rs/h 7PpoGz3ZfIijyzy6KlF6mqdJqy/Oh/iGSJlCxhrboZZWPsgvtCQ7DoNC9p5akeH8 +h5ygcEbNm/bus/MDc0nHtHtXwcRGDLhdKtT6Kf5FUIa/lDUZbPOoe/H0/jQ5ROW DzIXImuioV2rskQvQVXMlKNVkaxLleStU84bBUwH+cCVNj5u9nWPQ7nLbptCzzG/ aL4t8MLAjkqJc/c3/a5fdqzveY0N21rkVceBeJuY5F+ejtPVCIUhqdIYzQXmZNst r5aEp1hvuyvFj00T/OT7otW52+cNnXwPOU/h/aT29S6ur9cP0mbvshMDhkESe5dv HjCRrBlkRlWQiS9u8SMwALLsI83Btk/UN5FNRe2rhtMD6O56B0RecZ14R/Uu6GEl IDRg72AwVq6NO0hFc+z9xoYrvLnmkD1mTq6HiNVbreFsOwyu/psKPwJsUpYJL+gS 5/u/Nh4XVnbK+MpXwpL22w3kzk8zoYazGmh+5B1DdevazjpKkXxj2l/MRxDEI/AE pYsgA2EwYpQeow6T69MjCuoiGK9EXSNs3bc6rsd/9WLvEedbGS2SnFYnHIO226cl OwENb/iR7hIm4JEB9pgLFRxvaWMOQVCuTDXKnnQkXPYNvUYUt4I9IZcURVDNlr+5 R4Tyq4x4MZg/D3Ho0YqS =K1+I -----END PGP SIGNATURE----- . ============================================================================ Ubuntu Security Notice USN-1524-1 August 08, 2012
webkit vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
Multiple security vulnerabilities were fixed in WebKit.
Software Description: - webkit: Web content engine library for GTK+
Details:
A large number of security issues were discovered in the WebKit browser and JavaScript engines.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 LTS: libjavascriptcoregtk-1.0-0 1.8.1-0ubuntu0.12.04.1 libjavascriptcoregtk-3.0-0 1.8.1-0ubuntu0.12.04.1 libwebkitgtk-1.0-0 1.8.1-0ubuntu0.12.04.1 libwebkitgtk-3.0-0 1.8.1-0ubuntu0.12.04.1
After a standard system update you need to restart your session to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1524-1 CVE-2011-3046, CVE-2011-3050, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3078, CVE-2012-0672, CVE-2012-3615, CVE-2012-3655, CVE-2012-3656, CVE-2012-3680, https://launchpad.net/bugs/1027283
Package Information: https://launchpad.net/ubuntu/+source/webkit/1.8.1-0ubuntu0.12.04.1 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
ZDI-12-191 : Webkit HTMLMedia Element beforeLoad Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-191 December 21, 2012
-
-- CVE ID: CVE-2011-3071
-
-- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P
-
-- Affected Vendors: WebKit.Org
-
-- Affected Products: WebKit.Org WebKit
-
-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 12492.
-
-- Vendor Response: WebKit.Org has issued an update to correct this vulnerability. More details can be found at: http://support.apple.com/kb/HT1222
-
-- Disclosure Timeline: 2012-03-14 - Vulnerability reported to vendor 2012-12-21 - Coordinated public release of advisory
-
-- Credit: This vulnerability was discovered by:
-
pa_kt / twitter.com/pa_kt
-
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201204-03
http://security.gentoo.org/
Severity: Normal Title: Chromium: Multiple vulnerabilities Date: April 10, 2012 Bugs: #410963 ID: 201204-03
Synopsis
Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code.
Background
Chromium is an open source web browser project.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/chromium < 18.0.1025.151 >= 18.0.1025.151
Description
Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted web site using Chromium, possibly resulting in the execution of arbitrary code with the privileges of the process, a Denial of Service condition, or bypass of the same origin policy.
Workaround
There is no known workaround at this time.
Resolution
All Chromium users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=www-client/chromium-18.0.1025.151"
References
[ 1 ] CVE-2011-3066 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3066 [ 2 ] CVE-2011-3067 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3067 [ 3 ] CVE-2011-3068 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3068 [ 4 ] CVE-2011-3069 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3069 [ 5 ] CVE-2011-3070 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3070 [ 6 ] CVE-2011-3071 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3071 [ 7 ] CVE-2011-3072 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3072 [ 8 ] CVE-2011-3073 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3073 [ 9 ] CVE-2011-3074 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3074 [ 10 ] CVE-2011-3075 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3075 [ 11 ] CVE-2011-3076 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3076 [ 12 ] CVE-2011-3077 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3077 [ 13 ] Release Notes 18.0.1025.151
http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-= updates.html
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201204-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201204-0084", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "chrome", "scope": "lt", "trust": 1.8, "vendor": "google", "version": "18.0.1025.151" }, { "model": "itunes", "scope": "lt", "trust": 1.8, "vendor": "apple", "version": "10.7" }, { "model": "safari", "scope": "lt", "trust": 1.0, "vendor": "apple", "version": "6.0" }, { "model": "iphone os", "scope": "lt", "trust": 1.0, "vendor": "apple", "version": "6.0" }, { "model": "chrome", "scope": "eq", "trust": 0.9, "vendor": "google", "version": "18.0.1025.142" }, { "model": "ios", "scope": "lt", "trust": 0.8, "vendor": "apple", "version": "6 (ipad 2 or later )" }, { "model": "ios", "scope": "lt", "trust": 0.8, "vendor": "apple", "version": "6 (iphone 3gs or later )" }, { "model": "ios", "scope": "lt", "trust": 0.8, "vendor": "apple", "version": "6 (ipod touch first 4 after generation )" }, { "model": "safari", "scope": "lt", "trust": 0.8, "vendor": "apple", "version": "6.0 (mac os)" }, { "model": "webkit", "scope": null, "trust": 0.7, "vendor": "webkit", "version": null }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "3.0.190.2" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "18.0.1025.145" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "18.0.1025.148" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "18.0.1025.51" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "18.0.1025.132" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "18.0.1025.133" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "18.0.1025.140" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "18.0.1025.147" }, { "model": "chrome", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "18.0.1025.146" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "17.0.963.83" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.57" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12.0.742.100" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "2" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "1.2.3" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.6" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "1.2.5" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.43" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.5" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.4" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "16.0.912.75" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "17.0.963.60" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.204" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.128" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.5" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "0" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.2.2" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.4" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.6" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.6" }, { "model": "open source project webkit r51295", "scope": null, "trust": 0.3, "vendor": "webkit", "version": null }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.127" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.65" }, { "model": "open source project webkit r52401", "scope": null, "trust": 0.3, "vendor": "webkit", "version": null }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.7" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.1" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.3.5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "16.0.91275" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "17.0.96379" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12.0.742.112" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.71" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12.0.742.91" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "17.0.963.78" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.0" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.5" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "chrome", "scope": "ne", "trust": 0.3, "vendor": "google", "version": "18.0.1025.151" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "17.0.963.56" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13.0.782.107" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "15.0.874.120" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "14" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.77" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "16" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.7" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "17.0.96365" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "1.2.2" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.696.68" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11.0.672.2" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "15.0.874.121" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "12" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "14.0.835.163" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "16.0.912.77" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.3" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "11" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13.0.782.112" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.4" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.3" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "1.2.x" }, { "model": "open source project webkit r105591", "scope": null, "trust": 0.3, "vendor": "webkit", "version": null }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "15.0.874102" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.133" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.1.1" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "13.0.782.215" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "10.0.648.205" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "14.0.835.186" }, { "model": "open source project webkit r38566", "scope": null, "trust": 0.3, "vendor": "webkit", "version": null }, { "model": "open source project webkit r77705", "scope": null, "trust": 0.3, "vendor": "webkit", "version": null }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "17.0.963.46" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "16.0.912.63" }, { "model": "open source project webkit r82222", "scope": null, "trust": 0.3, "vendor": "webkit", "version": null }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.4" }, { "model": "open source project webkit", "scope": "eq", "trust": 0.3, "vendor": "webkit", "version": "1.2.2-1" }, { "model": "chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "14.0.835.202" }, { "model": "open source project webkit r52833", "scope": null, "trust": 0.3, "vendor": "webkit", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-12-191" }, { "db": "BID", "id": "57027" }, { "db": "JVNDB", "id": "JVNDB-2012-002013" }, { "db": "CNNVD", "id": "CNNVD-201204-030" }, { "db": "NVD", "id": "CVE-2011-3071" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "18.0.1025.151", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "10.7", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2011-3071" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "pa_kt / twitter.com/pa_kt", "sources": [ { "db": "ZDI", "id": "ZDI-12-191" } ], "trust": 0.7 }, "cve": "CVE-2011-3071", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 7.5, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2011-3071", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 1.5, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-51016", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2011-3071", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2011-3071", "trust": 0.8, "value": "High" }, { "author": "ZDI", "id": "CVE-2011-3071", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201204-030", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-51016", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-12-191" }, { "db": "VULHUB", "id": "VHN-51016" }, { "db": "JVNDB", "id": "JVNDB-2012-002013" }, { "db": "CNNVD", "id": "CNNVD-201204-030" }, { "db": "NVD", "id": "CVE-2011-3071" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. This vulnerability Webkit Vulnerability in Google Chrome Other than Webkit Products that use may also be affected.Service disruption by a third party (DoS) You may be put into a state or affected by other details. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the library\u0027s implementation of a HTMLMedia element. After a source element is created, an attacker can catch the beforeLoad event before the element is used, and delete the element. The pointer to the source element will then be referenced causing a use-after-free condition, which can lead to code execution under the context of the application. Webkit is prone to a remote code-execution vulnerability due to a use-after-free error. \nNote: This issue was previously discussed in BID 52913 (Google Chrome Prior to 18.0.1025.151 Multiple Security Vulnerabilities) but has been given its own record to better document it. Google Chrome is a web browser developed by Google (Google). -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2012-07-25-1 Safari 6.0\n\nSafari 6.0 is now available and addresses the following:\n\nSafari\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A cross-site scripting issue existed in the handling of\nfeed:// URLs. This update removes handling of feed:// URLs. \nCVE-ID\nCVE-2012-0678 : Masato Kinugawa\n\nSafari\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: Visiting a maliciously crafted website may cause files from\nthe user\u0027s system to be sent to a remote server\nDescription: An access control issue existed in the handling of\nfeed:// URLs. This update removes handling of feed:// URLs. \nCVE-ID\nCVE-2012-0679 : Aaron Sigel of vtty.com\n\nSafari\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: Passwords may autocomplete even when the site specifies that\nautocomplete should be disabled\nDescription: Password input elements with the autocomplete attribute\nset to \"off\" were being autocompleted. This update addresses the\nissue by improved handling of the autocomplete attribute. \nCVE-ID\nCVE-2012-0680 : Dan Poltawski of Moodle\n\nSafari Downloads\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: Opening maliciously crafted files on certain websites may\nlead to a cross-site scripting attack\nDescription: An issue existed in Safari\u0027s support for the\n\u0027attachment\u0027 value for the HTTP Content-Disposition header. This\nheader is used by many websites to serve files that were uploaded to\nthe site by a third-party, such as attachments in web-based e-mail\napplications. Any script in files served with this header value would\nrun as if the file had been served inline, with full access to other\nresources on the origin server. This issue is addressed by\ndownloading resources served with this header, rather than displaying\nthem inline. \nCVE-ID\nCVE-2011-3426 : Mickey Shkatov of laplinker.com, Kyle Osborn,\nHidetake Jo at Microsoft and Microsoft Vulnerability Research (MSVR)\n\nWebKit\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: Visiting a maliciously crafted website may lead to an\nunexpected application termination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in WebKit. \nThese issues are addressed through improved memory handling. \nCVE-ID\nCVE-2011-3016 : miaubiz\nCVE-2011-3021 : Arthur Gerkis\nCVE-2011-3027 : miaubiz\nCVE-2011-3032 : Arthur Gerkis\nCVE-2011-3034 : Arthur Gerkis\nCVE-2011-3035 : wushi of team509 working with iDefense VCP, Arthur\nGerkis\nCVE-2011-3036 : miaubiz\nCVE-2011-3037 : miaubiz\nCVE-2011-3038 : miaubiz\nCVE-2011-3039 : miaubiz\nCVE-2011-3040 : miaubiz\nCVE-2011-3041 : miaubiz\nCVE-2011-3042 : miaubiz\nCVE-2011-3043 : miaubiz\nCVE-2011-3044 : Arthur Gerkis\nCVE-2011-3050 : miaubiz\nCVE-2011-3053 : miaubiz\nCVE-2011-3059 : Arthur Gerkis\nCVE-2011-3060 : miaubiz\nCVE-2011-3064 : Atte Kettunen of OUSPG\nCVE-2011-3068 : miaubiz\nCVE-2011-3069 : miaubiz\nCVE-2011-3071 : pa_kt working with HP\u0027s Zero Day Initiative\nCVE-2011-3073 : Arthur Gerkis\nCVE-2011-3074 : Slawomir Blazek\nCVE-2011-3075 : miaubiz\nCVE-2011-3076 : miaubiz\nCVE-2011-3078 : Martin Barbella of the Google Chrome Security Team\nCVE-2011-3081 : miaubiz\nCVE-2011-3086 : Arthur Gerkis\nCVE-2011-3089 : Skylined of the Google Chrome Security Team, miaubiz\nCVE-2011-3090 : Arthur Gerkis\nCVE-2011-3913 : Arthur Gerkis\nCVE-2011-3924 : Arthur Gerkis\nCVE-2011-3926 : Arthur Gerkis\nCVE-2011-3958 : miaubiz\nCVE-2011-3966 : Aki Helin of OUSPG\nCVE-2011-3968 : Arthur Gerkis\nCVE-2011-3969 : Arthur Gerkis\nCVE-2011-3971 : Arthur Gerkis\nCVE-2012-0682 : Apple Product Security\nCVE-2012-0683 : Dave Mandelin of Mozilla\nCVE-2012-1520 : Martin Barbella of the Google Chrome Security Team\nusing AddressSanitizer, Jose A. Vazquez of spa-s3c.blogspot.com\nworking with iDefense VCP\nCVE-2012-1521 : Skylined of the Google Chrome Security Team, Jose A. \nVazquez of spa-s3c.blogspot.com working with iDefense VCP\nCVE-2012-3589 : Dave Mandelin of Mozilla\nCVE-2012-3590 : Apple Product Security\nCVE-2012-3591 : Apple Product Security\nCVE-2012-3592 : Apple Product Security\nCVE-2012-3593 : Apple Product Security\nCVE-2012-3594 : miaubiz\nCVE-2012-3595 : Martin Barbella of Google Chrome Security\nCVE-2012-3596 : Skylined of the Google Chrome Security Team\nCVE-2012-3597 : Abhishek Arya of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3599 : Abhishek Arya of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3600 : David Levin of the Chromium development community\nCVE-2012-3603 : Apple Product Security\nCVE-2012-3604 : Skylined of the Google Chrome Security Team\nCVE-2012-3605 : Cris Neckar of the Google Chrome Security team\nCVE-2012-3608 : Skylined of the Google Chrome Security Team\nCVE-2012-3609 : Skylined of the Google Chrome Security Team\nCVE-2012-3610 : Skylined of the Google Chrome Security Team\nCVE-2012-3611 : Apple Product Security\nCVE-2012-3615 : Stephen Chenney of the Chromium development community\nCVE-2012-3618 : Abhishek Arya of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3620 : Abhishek Arya of Google Chrome Security Team\nCVE-2012-3625 : Skylined of Google Chrome Security Team\nCVE-2012-3626 : Apple Product Security\nCVE-2012-3627 : Skylined and Abhishek Arya of Google Chrome Security\nteam\nCVE-2012-3628 : Apple Product Security\nCVE-2012-3629 : Abhishek Arya of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3630 : Abhishek Arya of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3631 : Abhishek Arya of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3633 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3634 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3635 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3636 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3637 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3638 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3639 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3640 : miaubiz\nCVE-2012-3641 : Slawomir Blazek\nCVE-2012-3642 : miaubiz\nCVE-2012-3644 : miaubiz\nCVE-2012-3645 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3646 : Julien Chaffraix of the Chromium development\ncommunity, Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3653 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3655 : Skylined of the Google Chrome Security Team\nCVE-2012-3656 : Abhishek Arya of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3661 : Apple Product Security\nCVE-2012-3663 : Skylined of Google Chrome Security Team\nCVE-2012-3664 : Thomas Sepez of the Chromium development community\nCVE-2012-3665 : Martin Barbella of Google Chrome Security Team using\nAddressSanitizer\nCVE-2012-3666 : Apple\nCVE-2012-3667 : Trevor Squires of propaneapp.com\nCVE-2012-3668 : Apple Product Security\nCVE-2012-3669 : Apple Product Security\nCVE-2012-3670 : Abhishek Arya of Google Chrome Security Team using\nAddressSanitizer, Arthur Gerkis\nCVE-2012-3674 : Skylined of Google Chrome Security Team\nCVE-2012-3678 : Apple Product Security\nCVE-2012-3679 : Chris Leary of Mozilla\nCVE-2012-3680 : Skylined of Google Chrome Security Team\nCVE-2012-3681 : Apple\nCVE-2012-3682 : Adam Barth of the Google Chrome Security Team\nCVE-2012-3683 : wushi of team509 working with iDefense VCP\nCVE-2012-3686 : Robin Cao of Torch Mobile (Beijing)\n\nWebKit\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: Dragging and dropping selected text on a web page may lead\nto a cross-site information disclosure\nDescription: A cross-origin issue existed in the handling of drag\nand drop events. This issue is addressed through improved origin\ntracking. \nCVE-ID\nCVE-2012-3689 : David Bloom of Cue\n\nWebKit\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: Dragging and dropping selected text on a web page may cause\nfiles from the user\u0027s system to be sent to a remote server\nDescription: An access control issue existed in the handling of drag\nand drop events. This issue is addressed through improved origin\ntracking. \nCVE-ID\nCVE-2012-3690 : David Bloom of Cue\n\nWebKit\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite disclosure of information\nDescription: A cross-origin issue existed in the handling of CSS\nproperty values. This issue is addressed through improved origin\ntracking. \nCVE-ID\nCVE-2012-3691 : Apple\n\nWebKit\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: A malicious website may be able to replace the contents of\nan iframe on another site\nDescription: A cross-origin issue existed in the handling of iframes\nin popup windows. This issue is addressed through improved origin\ntracking. \nCVE-ID\nCVE-2011-3067 : Sergey Glazunov\n\nWebKit\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite disclosure of information\nDescription: A cross-origin issue existed in the handling of iframes\nand fragment identifiers. This issue is addressed through improved\norigin tracking. \nCVE-ID\nCVE-2012-2815 : Elie Bursztein, Baptiste Gourdin, Gustav Rydstedt,\nand Dan Boneh of the Stanford University Security Laboratory\n\nWebKit\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: Look-alike characters in a URL could be used to masquerade a\nwebsite\nDescription: The International Domain Name (IDN) support and Unicode\nfonts embedded in Safari could have been used to create a URL which\ncontains look-alike characters. These could have been used in a\nmalicious website to direct the user to a spoofed site that visually\nappears to be a legitimate domain. This issue is addressed by\nsupplementing WebKit\u0027s list of known look-alike characters. Look-\nalike characters are rendered in Punycode in the address bar. \nCVE-ID\nCVE-2012-3693 : Matt Cooley of Symantec\n\nWebKit\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: Dragging and dropping a file to Safari may reveal the\nfilesystem path of the file to the website\nDescription: An information disclosure issue existed in the handling\nof dragged files. This issue is addressed through improved handling\nof dragged files. \nCVE-ID\nCVE-2012-3694 : Daniel Cheng of Google, Aaron Sigel of vtty.com\n\nWebKit\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: Visiting a maliciously crafted website may lead to a cross-\nsite scripting attack\nDescription: A canonicalization issue existed in the handling of\nURLs. This may have led to cross-site scripting on sites which use\nthe location.href property. This issue is addressed through improved\ncanonicalization of URLs. \nCVE-ID\nCVE-2012-3695 : Masato Kinugawa\n\nWebKit\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: Visiting a maliciously crafted website may lead to HTTP\nrequest splitting\nDescription: An HTTP header injection issue existed in the handling\nof WebSockets. This issue is addressed through improved WebSockets\nURI sanitization. \nCVE-ID\nCVE-2012-3696 : David Belcher of the BlackBerry Security Incident\nResponse Team\n\nWebKit\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: A maliciously crafted website may be able to spoof the value\nin the URL bar\nDescription: A state management issue existed in the handling of\nsession history. Navigations to a fragment on the current page may\ncause Safari to display incorrect information in the URL bar. This\nissue is addressed through improved session state tracking. \nCVE-ID\nCVE-2011-2845 : Jordi Chancel\n\nWebKit\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: An attacker may be able to escape the sandbox and access any\nfile the current user has access to\nDescription: An access control issue existed in the handling of file\nURLs. An attacker who gains arbitrary code execution in a Safari\nWebProcess may be able to bypass the sandbox and access any file that\nthe user running Safari has access to. This issue is addressed\nthrough improved handling of file URLs. \nCVE-ID\nCVE-2012-3697 : Aaron Sigel of vtty.com\n\nWebKit\nAvailable for: OS X Lion v10.7.4, OS X Lion Server v10.7.4\nImpact: Visiting a maliciously crafted website may lead to the\ndisclosure of the disclosure of memory contents\nDescription: An uninitialized memory access issue existed in the\nhandling of SVG images. This issue is addressed through improved\nmemory initialization. \nCVE-ID\nCVE-2012-3650 : Apple\n\nSafari 6.0 is available via the Apple Software Update\napplication. \n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.18 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJQDy1eAAoJEPefwLHPlZEwJRQP/RJ41oMUhox0171MDfV4rs/h\n7PpoGz3ZfIijyzy6KlF6mqdJqy/Oh/iGSJlCxhrboZZWPsgvtCQ7DoNC9p5akeH8\n+h5ygcEbNm/bus/MDc0nHtHtXwcRGDLhdKtT6Kf5FUIa/lDUZbPOoe/H0/jQ5ROW\nDzIXImuioV2rskQvQVXMlKNVkaxLleStU84bBUwH+cCVNj5u9nWPQ7nLbptCzzG/\naL4t8MLAjkqJc/c3/a5fdqzveY0N21rkVceBeJuY5F+ejtPVCIUhqdIYzQXmZNst\nr5aEp1hvuyvFj00T/OT7otW52+cNnXwPOU/h/aT29S6ur9cP0mbvshMDhkESe5dv\nHjCRrBlkRlWQiS9u8SMwALLsI83Btk/UN5FNRe2rhtMD6O56B0RecZ14R/Uu6GEl\nIDRg72AwVq6NO0hFc+z9xoYrvLnmkD1mTq6HiNVbreFsOwyu/psKPwJsUpYJL+gS\n5/u/Nh4XVnbK+MpXwpL22w3kzk8zoYazGmh+5B1DdevazjpKkXxj2l/MRxDEI/AE\npYsgA2EwYpQeow6T69MjCuoiGK9EXSNs3bc6rsd/9WLvEedbGS2SnFYnHIO226cl\nOwENb/iR7hIm4JEB9pgLFRxvaWMOQVCuTDXKnnQkXPYNvUYUt4I9IZcURVDNlr+5\nR4Tyq4x4MZg/D3Ho0YqS\n=K1+I\n-----END PGP SIGNATURE-----\n. ============================================================================\nUbuntu Security Notice USN-1524-1\nAugust 08, 2012\n\nwebkit vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n\nSummary:\n\nMultiple security vulnerabilities were fixed in WebKit. \n\nSoftware Description:\n- webkit: Web content engine library for GTK+\n\nDetails:\n\nA large number of security issues were discovered in the WebKit browser and\nJavaScript engines. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n libjavascriptcoregtk-1.0-0 1.8.1-0ubuntu0.12.04.1\n libjavascriptcoregtk-3.0-0 1.8.1-0ubuntu0.12.04.1\n libwebkitgtk-1.0-0 1.8.1-0ubuntu0.12.04.1\n libwebkitgtk-3.0-0 1.8.1-0ubuntu0.12.04.1\n\nAfter a standard system update you need to restart your session to make all\nthe necessary changes. \n\nReferences:\n http://www.ubuntu.com/usn/usn-1524-1\n CVE-2011-3046, CVE-2011-3050, CVE-2011-3067, CVE-2011-3068,\n CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074,\n CVE-2011-3075, CVE-2011-3078, CVE-2012-0672, CVE-2012-3615,\n CVE-2012-3655, CVE-2012-3656, CVE-2012-3680, https://launchpad.net/bugs/1027283\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/webkit/1.8.1-0ubuntu0.12.04.1\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nZDI-12-191 : Webkit HTMLMedia Element beforeLoad Remote Code Execution\nVulnerability\nhttp://www.zerodayinitiative.com/advisories/ZDI-12-191\nDecember 21, 2012\n\n- -- CVE ID:\nCVE-2011-3071\n\n- -- CVSS:\n7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P\n\n- -- Affected Vendors:\nWebKit.Org\n\n\n- -- Affected Products:\nWebKit.Org WebKit\n\n- -- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability by Digital Vaccine protection filter ID 12492. \n\n- -- Vendor Response:\nWebKit.Org has issued an update to correct this vulnerability. More details\ncan be found at:\nhttp://support.apple.com/kb/HT1222\n\n\n- -- Disclosure Timeline:\n2012-03-14 - Vulnerability reported to vendor\n2012-12-21 - Coordinated public release of advisory\n\n- -- Credit:\nThis vulnerability was discovered by:\n* pa_kt / twitter.com/pa_kt\n\n\n- -- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents\na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201204-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Chromium: Multiple vulnerabilities\n Date: April 10, 2012\n Bugs: #410963\n ID: 201204-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been reported in Chromium, some of which\nmay allow execution of arbitrary code. \n\nBackground\n==========\n\nChromium is an open source web browser project. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-client/chromium \u003c 18.0.1025.151 \u003e= 18.0.1025.151\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Chromium. Please\nreview the CVE identifiers and release notes referenced below for\ndetails. \n\nImpact\n======\n\nA remote attacker could entice a user to open a specially crafted web\nsite using Chromium, possibly resulting in the execution of arbitrary\ncode with the privileges of the process, a Denial of Service condition,\nor bypass of the same origin policy. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Chromium users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=www-client/chromium-18.0.1025.151\"\n\nReferences\n==========\n\n[ 1 ] CVE-2011-3066\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3066\n[ 2 ] CVE-2011-3067\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3067\n[ 3 ] CVE-2011-3068\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3068\n[ 4 ] CVE-2011-3069\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3069\n[ 5 ] CVE-2011-3070\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3070\n[ 6 ] CVE-2011-3071\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3071\n[ 7 ] CVE-2011-3072\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3072\n[ 8 ] CVE-2011-3073\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3073\n[ 9 ] CVE-2011-3074\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3074\n[ 10 ] CVE-2011-3075\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3075\n[ 11 ] CVE-2011-3076\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3076\n[ 12 ] CVE-2011-3077\n http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3077\n[ 13 ] Release Notes 18.0.1025.151\n\nhttp://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-=\nupdates.html\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201204-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n", "sources": [ { "db": "NVD", "id": "CVE-2011-3071" }, { "db": "JVNDB", "id": "JVNDB-2012-002013" }, { "db": "ZDI", "id": "ZDI-12-191" }, { "db": "BID", "id": "57027" }, { "db": "VULHUB", "id": "VHN-51016" }, { "db": "PACKETSTORM", "id": "115018" }, { "db": "PACKETSTORM", "id": "115375" }, { "db": "PACKETSTORM", "id": "116534" }, { "db": "PACKETSTORM", "id": "119009" }, { "db": "PACKETSTORM", "id": "111738" } ], "trust": 3.06 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-51016", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-51016" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2011-3071", "trust": 4.0 }, { "db": "SECUNIA", "id": "48732", "trust": 1.7 }, { "db": "SECUNIA", "id": "48749", "trust": 1.7 }, { "db": "BID", "id": "52913", "trust": 1.7 }, { "db": "SECTRACK", "id": "1026892", "trust": 1.7 }, { "db": "OSVDB", "id": "81041", "trust": 1.7 }, { "db": "ZDI", "id": "ZDI-12-191", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2012-002013", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-1528", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201204-030", "trust": 0.6 }, { "db": "BID", "id": "57027", "trust": 0.4 }, { "db": "PACKETSTORM", "id": "119009", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-51016", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "115018", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "115375", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "116534", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "111738", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-12-191" }, { "db": "VULHUB", "id": "VHN-51016" }, { "db": "BID", "id": "57027" }, { "db": "JVNDB", "id": "JVNDB-2012-002013" }, { "db": "PACKETSTORM", "id": "115018" }, { "db": "PACKETSTORM", "id": "115375" }, { "db": "PACKETSTORM", "id": "116534" }, { "db": "PACKETSTORM", "id": "119009" }, { "db": "PACKETSTORM", "id": "111738" }, { "db": "CNNVD", "id": "CNNVD-201204-030" }, { "db": "NVD", "id": "CVE-2011-3071" } ] }, "id": "VAR-201204-0084", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-51016" } ], "trust": 0.01 }, "last_update_date": "2024-07-23T21:45:06.885000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "HT5400", "trust": 0.8, "url": "http://support.apple.com/kb/ht5400" }, { "title": "HT5503", "trust": 0.8, "url": "http://support.apple.com/kb/ht5503" }, { "title": "HT5485", "trust": 0.8, "url": "http://support.apple.com/kb/ht5485" }, { "title": "HT5400", "trust": 0.8, "url": "http://support.apple.com/kb/ht5400?viewlocale=ja_jp" }, { "title": "HT5503", "trust": 0.8, "url": "http://support.apple.com/kb/ht5503?viewlocale=ja_jp" }, { "title": "HT5485", "trust": 0.8, "url": "http://support.apple.com/kb/ht5485?viewlocale=ja_jp" }, { "title": "Stable and Beta Channel Updates", "trust": 0.8, "url": "http://googlechromereleases.blogspot.jp/2012/04/stable-and-beta-channel-updates.html" }, { "title": "Google Chrome", "trust": 0.8, "url": "http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja\u0026hl=ja" }, { "title": "WebKit.Org has issued an update to correct this vulnerability.", "trust": 0.7, "url": "http://support.apple.com/kb/ht1222" }, { "title": "Google Chrome Remediation measures for releasing exploits", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=114603" } ], "sources": [ { "db": "ZDI", "id": "ZDI-12-191" }, { "db": "JVNDB", "id": "JVNDB-2012-002013" }, { "db": "CNNVD", "id": "CNNVD-201204-030" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-416", "trust": 1.1 }, { "problemtype": "CWE-399", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-51016" }, { "db": "JVNDB", "id": "JVNDB-2012-002013" }, { "db": "NVD", "id": "CVE-2011-3071" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html" }, { "trust": 1.8, "url": "http://security.gentoo.org/glsa/glsa-201204-03.xml" }, { "trust": 1.7, "url": "http://lists.apple.com/archives/security-announce/2012/jul/msg00000.html" }, { "trust": 1.7, "url": "http://lists.apple.com/archives/security-announce/2012/sep/msg00001.html" }, { "trust": 1.7, "url": "http://lists.apple.com/archives/security-announce/2012/sep/msg00003.html" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/52913" }, { "trust": 1.7, "url": "http://code.google.com/p/chromium/issues/detail?id=118273" }, { "trust": 1.7, "url": "http://support.apple.com/kb/ht5400" }, { "trust": 1.7, "url": "http://support.apple.com/kb/ht5485" }, { "trust": 1.7, "url": "http://support.apple.com/kb/ht5503" }, { "trust": 1.7, "url": "http://osvdb.org/81041" }, { "trust": 1.7, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15317" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id?1026892" }, { "trust": 1.7, "url": "http://secunia.com/advisories/48732" }, { "trust": 1.7, "url": "http://secunia.com/advisories/48749" }, { "trust": 1.7, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74631" }, { "trust": 1.0, "url": "http://support.apple.com/kb/ht1222" }, { "trust": 0.9, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3071" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3071" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu624491/" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu864819/" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3071" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3074" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3075" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3068" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3069" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3073" }, { "trust": 0.3, "url": "http://www.google.com/chrome" }, { "trust": 0.3, "url": "http://www.webkit.org/" }, { "trust": 0.3, "url": "http://prod.lists.apple.com/archives/security-announce/2012/sep/msg00001.html" }, { "trust": 0.3, "url": "http://www.zerodayinitiative.com/advisories/zdi-12-191/" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3067" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3050" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3059" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3035" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3027" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3016" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3060" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3038" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3036" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3064" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3043" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3041" }, { "trust": 0.2, "url": "https://www.apple.com/support/security/pgp/" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3021" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3032" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3040" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3044" }, { "trust": 0.2, "url": "http://gpgtools.org" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3037" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3053" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3034" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3042" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3039" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3078" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3076" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2845" }, { "trust": 0.1, "url": "https://launchpad.net/bugs/1027283" }, { "trust": 0.1, "url": "http://www.ubuntu.com/usn/usn-1524-1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0672" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3680" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3656" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3655" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3615" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/webkit/1.8.1-0ubuntu0.12.04.1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3046" }, { "trust": 0.1, "url": "http://www.apple.com/itunes/download/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/" }, { "trust": 0.1, "url": "http://twitter.com/thezdi" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-12-191" }, { "trust": 0.1, "url": "http://www.tippingpoint.com" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com" }, { "trust": 0.1, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3066" }, { "trust": 0.1, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3072" }, { "trust": 0.1, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3073" }, { "trust": 0.1, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3070" }, { "trust": 0.1, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3075" }, { "trust": 0.1, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3074" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3070" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3077" }, { "trust": 0.1, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3076" }, { "trust": 0.1, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3077" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3072" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3066" }, { "trust": 0.1, "url": "http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-=" }, { "trust": 0.1, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3069" }, { "trust": 0.1, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3067" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3068" } ], "sources": [ { "db": "ZDI", "id": "ZDI-12-191" }, { "db": "VULHUB", "id": "VHN-51016" }, { "db": "BID", "id": "57027" }, { "db": "JVNDB", "id": "JVNDB-2012-002013" }, { "db": "PACKETSTORM", "id": "115018" }, { "db": "PACKETSTORM", "id": "115375" }, { "db": "PACKETSTORM", "id": "116534" }, { "db": "PACKETSTORM", "id": "119009" }, { "db": "PACKETSTORM", "id": "111738" }, { "db": "CNNVD", "id": "CNNVD-201204-030" }, { "db": "NVD", "id": "CVE-2011-3071" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-12-191" }, { "db": "VULHUB", "id": "VHN-51016" }, { "db": "BID", "id": "57027" }, { "db": "JVNDB", "id": "JVNDB-2012-002013" }, { "db": "PACKETSTORM", "id": "115018" }, { "db": "PACKETSTORM", "id": "115375" }, { "db": "PACKETSTORM", "id": "116534" }, { "db": "PACKETSTORM", "id": "119009" }, { "db": "PACKETSTORM", "id": "111738" }, { "db": "CNNVD", "id": "CNNVD-201204-030" }, { "db": "NVD", "id": "CVE-2011-3071" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-12-21T00:00:00", "db": "ZDI", "id": "ZDI-12-191" }, { "date": "2012-04-05T00:00:00", "db": "VULHUB", "id": "VHN-51016" }, { "date": "2012-04-05T00:00:00", "db": "BID", "id": "57027" }, { "date": "2012-04-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002013" }, { "date": "2012-07-25T23:01:01", "db": "PACKETSTORM", "id": "115018" }, { "date": "2012-08-09T01:33:19", "db": "PACKETSTORM", "id": "115375" }, { "date": "2012-09-14T02:13:11", "db": "PACKETSTORM", "id": "116534" }, { "date": "2012-12-21T23:58:00", "db": "PACKETSTORM", "id": "119009" }, { "date": "2012-04-11T14:21:31", "db": "PACKETSTORM", "id": "111738" }, { "date": "2010-04-06T00:00:00", "db": "CNNVD", "id": "CNNVD-201204-030" }, { "date": "2012-04-05T22:02:07.827000", "db": "NVD", "id": "CVE-2011-3071" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-12-21T00:00:00", "db": "ZDI", "id": "ZDI-12-191" }, { "date": "2020-04-14T00:00:00", "db": "VULHUB", "id": "VHN-51016" }, { "date": "2015-03-19T09:23:00", "db": "BID", "id": "57027" }, { "date": "2013-04-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002013" }, { "date": "2020-04-15T00:00:00", "db": "CNNVD", "id": "CNNVD-201204-030" }, { "date": "2020-04-14T14:50:51.670000", "db": "NVD", "id": "CVE-2011-3071" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "115375" }, { "db": "PACKETSTORM", "id": "119009" }, { "db": "CNNVD", "id": "CNNVD-201204-030" } ], "trust": 0.8 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Used in multiple products Webkit Service disruption in (DoS) Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-002013" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201204-030" } ], "trust": 0.6 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.