CVE-2011-1453

Current Description

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Basic Data

PublishedJuly 21, 2011
Last ModifiedOctober 21, 2011
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-119
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityMEDIUM
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score9.3
SeverityHIGH
Exploitability Score8.6
Impact Score10.0
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • AND
    • OR - Configuration 1
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3ApplicationAppleSafari1.0*******
      2.3ApplicationAppleSafari1.0beta******
      2.3ApplicationAppleSafari1.0beta2******
      2.3ApplicationAppleSafari1.0.0*******
      2.3ApplicationAppleSafari1.0.0b1*******
      2.3ApplicationAppleSafari1.0.0b2*******
      2.3ApplicationAppleSafari1.0.1*******
      2.3ApplicationAppleSafari1.0.2*******
      2.3ApplicationAppleSafari1.0.3*******
      2.3ApplicationAppleSafari1.0.385.8******
      2.3ApplicationAppleSafari1.0.385.8.1******
      2.3ApplicationAppleSafari1.1*******
      2.3ApplicationAppleSafari1.1.0*******
      2.3ApplicationAppleSafari1.1.1*******
      2.3ApplicationAppleSafari1.2*******
      2.3ApplicationAppleSafari1.2.0*******
      2.3ApplicationAppleSafari1.2.1*******
      2.3ApplicationAppleSafari1.2.2*******
      2.3ApplicationAppleSafari1.2.3*******
      2.3ApplicationAppleSafari1.2.4*******
      2.3ApplicationAppleSafari1.2.5*******
      2.3ApplicationAppleSafari1.3*******
      2.3ApplicationAppleSafari1.3.0*******
      2.3ApplicationAppleSafari1.3.1*******
      2.3ApplicationAppleSafari1.3.2*******
      2.3ApplicationAppleSafari1.3.2312.5******
      2.3ApplicationAppleSafari1.3.2312.6******
      2.3ApplicationAppleSafari2*******
      2.3ApplicationAppleSafari2.0*******
      2.3ApplicationAppleSafari2.0.0*******
      2.3ApplicationAppleSafari2.0.1*******
      2.3ApplicationAppleSafari2.0.2*******
      2.3ApplicationAppleSafari2.0.3*******
      2.3ApplicationAppleSafari2.0.3417.8******
      2.3ApplicationAppleSafari2.0.3417.9******
      2.3ApplicationAppleSafari2.0.3417.9.2******
      2.3ApplicationAppleSafari2.0.3417.9.3******
      2.3ApplicationAppleSafari2.0.4*******
      2.3ApplicationAppleSafari3*******
      2.3ApplicationAppleSafari3.0*******
      2.3ApplicationAppleSafari3.0.0*******
      2.3ApplicationAppleSafari3.0.0b*******
      2.3ApplicationAppleSafari3.0.1*******
      2.3ApplicationAppleSafari3.0.1b*******
      2.3ApplicationAppleSafari3.0.2*******
      2.3ApplicationAppleSafari3.0.2b*******
      2.3ApplicationAppleSafari3.0.3*******
      2.3ApplicationAppleSafari3.0.3b*******
      2.3ApplicationAppleSafari3.0.4*******
      2.3ApplicationAppleSafari3.0.4b*******
      2.3ApplicationAppleSafari3.1.0*******
      2.3ApplicationAppleSafari3.1.0b*******
      2.3ApplicationAppleSafari3.1.1*******
      2.3ApplicationAppleSafari3.1.2*******
      2.3ApplicationAppleSafari3.2.0*******
      2.3ApplicationAppleSafari3.2.1*******
      2.3ApplicationAppleSafari3.2.2*******
      2.3ApplicationAppleSafari4.1*******
      2.3ApplicationAppleSafari4.1.1*******
      2.3ApplicationAppleSafari4.1.2*******
      2.3ApplicationAppleSafari5.0*******
      2.3ApplicationAppleSafari5.0.1*******
      2.3ApplicationAppleSafari5.0.2*******
      2.3ApplicationAppleSafari5.0.3*******
      2.3ApplicationAppleSafari5.0.4*******
      2.3ApplicationAppleSafari********5.0.5
      2.3ApplicationAppleWebkit********
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSAppleMac Os X10.5.8*******
      2.3OSAppleMac Os X10.6.8*******
      2.3OSAppleMac Os X10.6.9*******
      2.3OSAppleMac Os X10.7.0*******
      2.3OSAppleMac Os X Server10.5.8*******
      2.3OSAppleMac Os X Server10.6.8*******
      2.3OSAppleMac Os X Server10.6.9*******
      2.3OSAppleMac Os X Server10.7.0*******
      2.3OSMicrosoftWindows 7********
      2.3OSMicrosoftWindows Vista********
      2.3OSMicrosoftWindows Xp*sp2******
      2.3OSMicrosoftWindows Xp*sp3******
      VendorProductVersions

      References

      NameSourceURLTags
      APPLE-SA-2011-07-20-1http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.htmlAPPLE
      APPLE-SA-2011-10-11-1http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.htmlAPPLE
      APPLE-SA-2011-10-12-1http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.htmlAPPLE
      http://support.apple.com/kb/HT4808http://support.apple.com/kb/HT4808CONFIRM
      http://support.apple.com/kb/HT4981http://support.apple.com/kb/HT4981CONFIRM
      http://support.apple.com/kb/HT4999http://support.apple.com/kb/HT4999CONFIRM