WebKit Vulnerability in Apple iTunes Allows Arbitrary Code Execution
CVE-2012-0634

Currently unrated

Key Information:

Vendor: Apple
Status: Itunes; Webkit
Vendor: CVE Published:; 8 March 2012

What is CVE-2012-0634?

A vulnerability in WebKit, as used in Apple iTunes before version 10.6, could allow a man-in-the-middle attacker to execute arbitrary code or cause a denial of service, resulting in memory corruption and potential application crashes while browsing the iTunes Store. This vulnerability arises from specific vectors that are distinct from those identified in other advisory references.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.securityfocus.com/bid/52363

vdb-entryx_refsource_BID

http://secunia.com/advisories/48274

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 8, 2012
Vulnerability Reserved
Jan 12, 2012