CVE-2011-0115

{"id": "CVE-2011-0115", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2011-03-03T20:00:01.613", "references": [{"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html", "source": "product-security@apple.com"}, {"url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html", "source": "product-security@apple.com"}, {"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html", "tags": ["Patch", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "http://support.apple.com/kb/HT4554", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "http://support.apple.com/kb/HT4564", "source": "product-security@apple.com"}, {"url": "http://support.apple.com/kb/HT4566", "source": "product-security@apple.com"}, {"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-096", "source": "product-security@apple.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1."}, {"lang": "es", "value": "El nivel 2 de DOM en su implementaci\u00f3n en WebKit, utilizado en el iTunes de Apple anterior a la v10.2 en Windows y Apple Safari, no controla correctamente las manipulaciones DOM asociadas con a los eventos de escucha durante el procesamiento de un rango de objetos, lo que permite a los atacantes de hombre en medio (man-in-the-middle) ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de vectores relacionados con la navegaci\u00f3n por la iTunes Store, una vulnerabilidad diferente de otros CVEs listados en APPLE-SA-2011-03-02-1."}], "lastModified": "2011-03-18T02:56:29.617", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E40F7857-8F3F-4707-B3AA-A12C0731BB83", "versionEndIncluding": "10.1.2"}, {"criteria": "cpe:2.3:a:apple:itunes:4.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CBD58D1-C40D-4F6D-816F-A3842897EB05"}, {"criteria": "cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C910CA4-5EA5-4507-BDE9-3E6C1434B666"}, {"criteria": "cpe:2.3:a:apple:itunes:4.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0415D4B8-0281-4ED5-B3A1-A97BDD0F8D36"}, {"criteria": "cpe:2.3:a:apple:itunes:4.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1B4195D-1550-42D1-B562-0E438F7ACC2E"}, {"criteria": "cpe:2.3:a:apple:itunes:4.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4B6A66A-AC5F-48E0-ABCE-68828207B106"}, {"criteria": "cpe:2.3:a:apple:itunes:4.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1206A192-A22C-4C55-A323-1D28D89BED21"}, {"criteria": "cpe:2.3:a:apple:itunes:4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "071BFB1F-402B-4D8C-8155-671792AEDB81"}, {"criteria": "cpe:2.3:a:apple:itunes:4.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52E156DE-12B4-4E7A-B8C4-C2FC0AC2B2C9"}, {"criteria": "cpe:2.3:a:apple:itunes:4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCBA60E9-C5B5-4B4C-9FA3-7FE0F3F6871C"}, {"criteria": "cpe:2.3:a:apple:itunes:4.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93748DFC-6003-4BED-87F9-98713F6897EE"}, {"criteria": "cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFB9D7E1-B715-4A93-9CDB-99A89C7D85B1"}, {"criteria": "cpe:2.3:a:apple:itunes:4.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A8873F1-4792-41A1-83B5-B85C9F4A7D56"}, {"criteria": "cpe:2.3:a:apple:itunes:4.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB84AFE4-2694-475A-80D3-4D50C524EE18"}, {"criteria": "cpe:2.3:a:apple:itunes:4.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB20AA2E-5DF0-420C-A1FE-BB6EBA9649FE"}, {"criteria": "cpe:2.3:a:apple:itunes:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B48FDD0A-6DE5-44DD-B144-32B91DB26C7E"}, {"criteria": "cpe:2.3:a:apple:itunes:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8343D87F-FA37-4225-B27D-BCCDD2433C31"}, {"criteria": "cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B591AE1E-02DB-462A-B71F-48947525D232"}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34B5892B-0377-4D81-9E0E-94B8D8CE72C3"}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2276BED4-82F0-4F62-AA6F-7E1667F28E3A"}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45D47548-1C4D-4368-99D1-929905DD6B3A"}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28AE8D2D-63CA-4091-9D59-CE919EB1FD75"}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC9E22D2-551A-4CDF-B9F0-C45A3A2B7695"}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52A433A5-3EFF-405D-8285-97EC88857968"}, {"criteria": "cpe:2.3:a:apple:itunes:6.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D62A1C5D-C25E-4E56-8FD0-F90C8E39C7F4"}, {"criteria": "cpe:2.3:a:apple:itunes:7.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "582D1FE8-C4E8-4385-B4EB-34320F019E43"}, {"criteria": "cpe:2.3:a:apple:itunes:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF61CE34-5130-4B1A-B7A2-B28C1A18B9BA"}, {"criteria": "cpe:2.3:a:apple:itunes:7.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FEE6DEC-9B26-47F4-A2CF-CA49981C8864"}, {"criteria": "cpe:2.3:a:apple:itunes:7.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2223B8E2-346A-4C37-9F6C-879F9CA64C06"}, {"criteria": "cpe:2.3:a:apple:itunes:7.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93E5227C-0621-43EE-A0F2-4B4545D71852"}, {"criteria": "cpe:2.3:a:apple:itunes:7.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB69B123-7A09-4855-9846-E8ACACB3C6F6"}, {"criteria": "cpe:2.3:a:apple:itunes:7.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0CC53F2-3827-4CA3-8726-C481B57B4AB2"}, {"criteria": "cpe:2.3:a:apple:itunes:7.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C1AFF8F-BBCA-4C93-A401-F8B478327BFE"}, {"criteria": "cpe:2.3:a:apple:itunes:7.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BA3571F-9221-45CD-9798-CC72CA428D6A"}, {"criteria": "cpe:2.3:a:apple:itunes:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "129ABCA4-FBF6-41B8-BF6B-65467D56D297"}, {"criteria": "cpe:2.3:a:apple:itunes:7.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "017E5A35-D778-46FD-A536-E57A13162675"}, {"criteria": "cpe:2.3:a:apple:itunes:7.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6122C685-4F02-476F-9A41-9C62D3D92651"}, {"criteria": "cpe:2.3:a:apple:itunes:7.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17D37426-00A0-40E5-A27A-CF31D8CBAEEF"}, {"criteria": "cpe:2.3:a:apple:itunes:7.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E11CADC-AFCC-4A98-9271-C35BC9752B40"}, {"criteria": "cpe:2.3:a:apple:itunes:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11F1530E-9E63-4A39-9056-3A946A34B650"}, {"criteria": "cpe:2.3:a:apple:itunes:7.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3856A348-A0D6-4A0A-A8C9-D369CC863A97"}, {"criteria": "cpe:2.3:a:apple:itunes:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29E92D8D-68AB-4FC4-A37A-D6D48829B58D"}, {"criteria": "cpe:2.3:a:apple:itunes:7.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "670656BF-2BE2-41ED-854A-466DC4068FBF"}, {"criteria": "cpe:2.3:a:apple:itunes:7.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDE7F79F-54F5-4315-98BD-414CA2D1C51E"}, {"criteria": "cpe:2.3:a:apple:itunes:7.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBBF2E9F-0F37-4DDA-9704-B31D94745257"}, {"criteria": "cpe:2.3:a:apple:itunes:7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBA5AB05-ADF6-4B5D-A4FD-9C149EC4577F"}, {"criteria": "cpe:2.3:a:apple:itunes:7.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1143A4DE-F75B-4396-9D01-CE14EF8FCB39"}, {"criteria": "cpe:2.3:a:apple:itunes:7.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDF87AB4-B3F3-4774-8CE3-A2B46C3D8DC5"}, {"criteria": "cpe:2.3:a:apple:itunes:8.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A02D076B-5900-401D-9B47-5136B9CEAA15"}, {"criteria": "cpe:2.3:a:apple:itunes:8.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E479501-8832-41B0-A63C-360AE5A1B420"}, {"criteria": "cpe:2.3:a:apple:itunes:8.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8961EDA-B567-4D92-8DBC-F887712F3BD2"}, {"criteria": "cpe:2.3:a:apple:itunes:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A60A3349-DE6E-4381-81C0-E682B791ED61"}, {"criteria": "cpe:2.3:a:apple:itunes:8.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EF2759C-6F94-4769-8EB2-16947C05CBB3"}, {"criteria": "cpe:2.3:a:apple:itunes:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0F53FF4-8A15-475C-9FF6-54073A3F1B08"}, {"criteria": "cpe:2.3:a:apple:itunes:8.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80AFD7E5-A66F-4E43-BC34-EB6BF59186D7"}, {"criteria": "cpe:2.3:a:apple:itunes:9.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E41B2E2A-CE22-49FD-9558-0E6C87F53425"}, {"criteria": "cpe:2.3:a:apple:itunes:9.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1950796-DA96-4443-85F4-91FE38A26612"}, {"criteria": "cpe:2.3:a:apple:itunes:9.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5EBED9A-DCF4-47FE-9A6D-4573594AA645"}, {"criteria": "cpe:2.3:a:apple:itunes:9.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F7EA3F3-576C-4661-B35F-EC34CE363125"}, {"criteria": "cpe:2.3:a:apple:itunes:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C3A6055-2626-4A6E-9596-9974E7437FB5"}, {"criteria": "cpe:2.3:a:apple:itunes:9.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00AF4F28-A71C-4CB3-8F5F-C15500332954"}, {"criteria": "cpe:2.3:a:apple:itunes:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5817849-ADD0-4905-87D5-4D61DB635747"}, {"criteria": "cpe:2.3:a:apple:itunes:10.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96E90253-3F7D-4361-819B-5D49657F4472"}, {"criteria": "cpe:2.3:a:apple:itunes:10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84336EBA-5EC0-4C49-B1B9-9DAB23D5C3C2"}, {"criteria": "cpe:2.3:a:apple:itunes:10.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CDE68E5-744B-4E18-BB74-83D7185E6A57"}, {"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE370CAA-04B3-434E-BD5B-1D87DE596C10"}, {"criteria": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "461EFB63-7933-488C-BB4E-7C913364F5A9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"}, {"criteria": "cpe:2.3:o:microsoft:windows_7:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D56B932B-9593-44E2-B610-E4EB2143EB21"}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3852BB02-47A1-40B3-8E32-8D8891A53114"}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C162FFF0-1E8F-4DCF-A08F-6C6E324ED878"}, {"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0A0D2704-C058-420B-B368-372D1129E914"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "product-security@apple.com"}