Man-in-the-Middle Vulnerability in Apple iTunes WebKit
CVE-2011-3238

Currently unrated

Key Information:

Vendor: Apple
Status: Itunes; Webkit
Vendor: CVE Published:; 12 October 2011

Summary

A vulnerability in the WebKit component of Apple iTunes before version 10.5 enables attackers to perform man-in-the-middle attacks. This vulnerability allows them to execute arbitrary code or induce application crashes through manipulation of iTunes Store browsing. The flaw exposes users to risks of memory corruption and disruptions in service, compromising the integrity of the application.

References

http://osvdb.org/76384

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/70515

vdb-entryx_refsource_XF

http://support.apple.com/kb/HT4981

x_refsource_CONFIRM

Timeline

Vulnerability published
Oct 12, 2011
Vulnerability Reserved
Aug 19, 2011