Vulnerability Name: | CVE-2012-0606 (CCN-73825) | ||||||||
Assigned: | 2012-03-07 | ||||||||
Published: | 2012-03-07 | ||||||||
Updated: | 2018-11-29 | ||||||||
Summary: | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. | ||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C) 6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-119 | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2012-0606 Source: APPLE Type: Mailing List, Vendor Advisory APPLE-SA-2012-03-07-1 Source: APPLE Type: Mailing List, Vendor Advisory APPLE-SA-2012-03-07-2 Source: APPLE Type: Mailing List, Vendor Advisory APPLE-SA-2012-03-12-1 Source: OSVDB Type: Broken Link 79928 Source: CCN Type: SA48274 Apple iTunes Multiple WebKit Vulnerabilities Source: SECUNIA Type: Third Party Advisory 48274 Source: CCN Type: SA48288 Apple iOS Multiple Vulnerabilities Source: SECUNIA Type: Third Party Advisory 48288 Source: SECUNIA Type: Third Party Advisory 48377 Source: CCN Type: Apple KB HT5191 About the security content of iTunes 10.6 Source: CCN Type: Apple KB HT5192 About the security content of iOS 5.1 Software Update Source: CCN Type: OSVDB ID: 79928 Apple iOS WebKit Website Handling Unspecified Remote Memory Corruption (2012-0606) Source: CCN Type: BID-52364 Apple iPhone/iPad/iPod touch Prior to iOS 5.1 Multiple Vulnerabilities Source: BID Type: Third Party Advisory, VDB Entry 52365 Source: CCN Type: BID-52365 WebKit Multiple Unspecified Memory Corruption Vulnerabilities Source: SECTRACK Type: Third Party Advisory, VDB Entry 1026774 Source: XF Type: Third Party Advisory, VDB Entry apple-webkit-cve20120606-code-execution(73825) Source: XF Type: UNKNOWN apple-webkit-cve20120606-code-execution(73825) Source: OVAL Type: Third Party Advisory oval:org.mitre.oval:def:17168 | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
Oval Definitions | |||||||||
| |||||||||
BACK |