WebKit Vulnerability in Apple iTunes Allows Code Execution and Denial of Service
CVE-2011-2339

Currently unrated

Key Information:

Vendor: Apple
Status: Itunes; Webkit
Vendor: CVE Published:; 12 October 2011

What is CVE-2011-2339?

The vulnerability in WebKit, as utilized by Apple iTunes prior to version 10.5, permits man-in-the-middle attackers to execute arbitrary code or induce a denial of service through specific exploit vectors during iTunes Store browsing. This issue is characterized by memory corruption, which can lead to crashes in the application, thereby compromising user experience and system stability.

References

http://support.apple.com/kb/HT4981

x_refsource_CONFIRM

http://lists.apple.com/archives/Security-announce/2011//O...

vendor-advisoryx_refsource_APPLE

http://lists.apple.com/archives/Security-announce/2011//O...

vendor-advisoryx_refsource_APPLE

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 12, 2011
Vulnerability Reserved
Jun 2, 2011