CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apple » Webkit : Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2012-0648 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
2 CVE-2012-0639 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
3 CVE-2012-0638 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
4 CVE-2012-0637 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
5 CVE-2012-0636 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
6 CVE-2012-0634 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
7 CVE-2011-3244 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
8 CVE-2011-3241 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
9 CVE-2011-3239 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
10 CVE-2011-3238 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
11 CVE-2011-3237 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
12 CVE-2011-3236 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
13 CVE-2011-3235 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
14 CVE-2011-3233 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
15 CVE-2011-2866 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
16 CVE-2011-2831 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
17 CVE-2011-2820 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
18 CVE-2011-2817 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
19 CVE-2011-2816 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
20 CVE-2011-2815 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
21 CVE-2011-2814 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
22 CVE-2011-2813 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
23 CVE-2011-2811 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
24 CVE-2011-2809 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
25 CVE-2011-2356 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
26 CVE-2011-2354 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
27 CVE-2011-2352 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
28 CVE-2011-2341 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
29 CVE-2011-2339 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
30 CVE-2011-2338 119 DoS Exec Code Overflow Mem. Corr. 2011-10-12 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1.
31 CVE-2011-1804 20 DoS 2011-05-26 2012-01-26
7.5
None Remote Low Not required Partial Partial Partial
rendering/RenderBox.cpp in WebCore in WebKit before r86862, as used in Google Chrome before 11.0.696.71, does not properly render floats, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."
32 CVE-2011-1295 20 DoS XSS 2011-03-25 2012-01-26
7.5
None Remote Low Not required Partial Partial Partial
WebKit, as used in Google Chrome before 10.0.648.204 and Apple Safari before 5.0.6, does not properly handle node parentage, which allows remote attackers to cause a denial of service (DOM tree corruption), conduct cross-site scripting (XSS) attacks, or possibly have unspecified other impact via unknown vectors.
33 CVE-2011-0168 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
34 CVE-2011-0165 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
35 CVE-2011-0164 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
36 CVE-2011-0157 119 DoS Exec Code Overflow Mem. Corr. 2011-03-11 2011-03-30
7.5
None Remote Low Not required Partial Partial Partial
WebKit, as used in Apple iOS before 4.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-09-1.
37 CVE-2011-0156 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
38 CVE-2011-0155 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
39 CVE-2011-0153 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
40 CVE-2011-0152 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2011-07-18
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
41 CVE-2011-0151 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
42 CVE-2011-0150 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
43 CVE-2011-0149 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly parse HTML elements associated with document namespaces, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to a "dangling pointer" and iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
44 CVE-2011-0148 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
45 CVE-2011-0147 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
46 CVE-2011-0146 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
47 CVE-2011-0145 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
48 CVE-2011-0144 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
49 CVE-2011-0143 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
50 CVE-2011-0142 119 DoS Exec Code Overflow Mem. Corr. 2011-03-03 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
Total number of vulnerabilities : 81   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.