WebKit Vulnerability in Apple iTunes Prior to Version 10.6
CVE-2012-0639

Currently unrated

Key Information:

Vendor: Apple
Status: Itunes; Webkit
Vendor: CVE Published:; 8 March 2012

Summary

A vulnerability in WebKit used in Apple iTunes prior to version 10.6 allows attackers to conduct man-in-the-middle attacks. By exploiting flaws in iTunes Store browsing, an attacker can execute arbitrary code or trigger a denial of service, resulting in application crashes and memory corruption. This highlights the need for users to update to the latest software versions to mitigate such security risks.

References

http://www.securityfocus.com/bid/52363

vdb-entryx_refsource_BID

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://secunia.com/advisories/48377

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Mar 8, 2012
Vulnerability Reserved
Jan 12, 2012