WebKit Vulnerability in Apple iTunes Enables Code Execution Risks
CVE-2012-0648

Currently unrated

Key Information:

Vendor

Apple
Status
Itunes
Webkit
Vendor
CVE Published:
8 March 2012

What is CVE-2012-0648?

The vulnerability in WebKit, utilized in Apple iTunes prior to version 10.6, enables potential man-in-the-middle attackers to exploit specific weaknesses during the browsing of iTunes Store. This exploitation can lead to arbitrary code execution or denial of service, resulting in application crashes and memory corruption. Remediation involves updating to the latest version of iTunes to mitigate these risks.

References

http://www.securityfocus.com/bid/52363
vdb-entryx_refsource_BID
http://secunia.com/advisories/48377
third-party-advisoryx_refsource_SECUNIA
http://lists.apple.com/archives/security-announce/2012/Ma...
vendor-advisoryx_refsource_APPLE

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.