Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2010-1387

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2010-1387
Last Modified 30 Mar 2012 12:00:00
Published 18 Jun 2010 12:30:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2010-1387

Summary

Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769.

Vulnerable Systems

Operating System

  • Apple Iphone Os 1.0.0

  • Apple Iphone Os 1.0.1

  • Apple Iphone Os 1.0.2

  • Apple Iphone Os 1.1.0

  • Apple Iphone Os 1.1.1

  • Apple Iphone Os 1.1.2

  • Apple Iphone Os 1.1.3

  • Apple Iphone Os 1.1.4

  • Apple Iphone Os 1.1.5

  • Apple Iphone Os 2.0

  • Apple Iphone Os 2.0.0

  • Apple Iphone Os 2.0.1

  • Apple Iphone Os 2.0.2

  • Apple Iphone Os 2.1

  • Apple Iphone Os 2.1.1

  • Apple Iphone Os 2.2

  • Apple Iphone Os 2.2.1

  • Apple Iphone Os 3.0

  • Apple Iphone Os 3.0.1

  • Apple Iphone Os 3.1

  • Apple Iphone Os 3.1.2

  • Apple Iphone Os 3.1.3

  • Apple Iphone Os 3.2

  • Apple Iphone Os 3.2.1

Application

  • Apple Itunes 4.0.0

  • Apple Itunes 4.0.1

  • Apple Itunes 4.1.0

  • Apple Itunes 4.2.0

  • Apple Itunes 4.5

  • Apple Itunes 4.5.0

  • Apple Itunes 4.6

  • Apple Itunes 4.6.0

  • Apple Itunes 4.7

  • Apple Itunes 4.7.0

  • Apple Itunes 4.7.1

  • Apple Itunes 4.7.2

  • Apple Itunes 4.8.0

  • Apple Itunes 4.9.0

  • Apple Itunes 5.0

  • Apple Itunes 5.0.0

  • Apple Itunes 5.0.1

  • Apple Itunes 6.0.0

  • Apple Itunes 6.0.1

  • Apple Itunes 6.0.2

  • Apple Itunes 6.0.3

  • Apple Itunes 6.0.4

  • Apple Itunes 6.0.4.2

  • Apple Itunes 6.0.5

  • Apple Itunes 7.0.0

  • Apple Itunes 7.0.1

  • Apple Itunes 7.0.2

  • Apple Itunes 7.1.0

  • Apple Itunes 7.1.1

  • Apple Itunes 7.2.0

  • Apple Itunes 7.3.0

  • Apple Itunes 7.3.1

  • Apple Itunes 7.3.2

  • Apple Itunes 7.4

  • Apple Itunes 7.4.0

  • Apple Itunes 7.4.1

  • Apple Itunes 7.4.2

  • Apple Itunes 7.4.3

  • Apple Itunes 7.5

  • Apple Itunes 7.5.0

  • Apple Itunes 7.6

  • Apple Itunes 7.6.0

  • Apple Itunes 7.6.1

  • Apple Itunes 7.6.2

  • Apple Itunes 7.7

  • Apple Itunes 7.7.0

  • Apple Itunes 7.7.1

  • Apple Itunes 8.0

  • Apple Itunes 8.0.0

  • Apple Itunes 8.0.1

  • Apple Itunes 8.0.2

  • Apple Itunes 8.1

  • Apple Itunes 8.1.1

  • Apple Itunes 8.2

  • Apple Itunes 8.2.1

  • Apple Itunes 9.0

  • Apple Itunes 9.0.0

  • Apple Itunes 9.0.1

  • Apple Itunes 9.0.2

  • Apple Itunes 9.0.3

  • Apple Itunes 9.1

  • Apple Itunes 9.1.1


References

XF - itunes-webkit-unspecified-var1(59506)

VUPEN - ADV-2011-0552

VUPEN - ADV-2011-0212

VUPEN - ADV-2010-2722

VUPEN - ADV-2010-1512

UBUNTU - USN-1006-1

BID - 41016

MANDRIVA - MDVSA-2011:039

CONFIRM - http://support.apple.com/kb/HT4456

CONFIRM - http://support.apple.com/kb/HT4225

CONFIRM - http://support.apple.com/kb/HT4220

SECTRACK - 1024108

SECUNIA - 43068

SECUNIA - 42314

SECUNIA - 41856

SECUNIA - 40196

SUSE - SUSE-SR:2011:002

APPLE - APPLE-SA-2010-06-21-1

APPLE - APPLE-SA-2010-11-22-1

APPLE - APPLE-SA-2010-06-16-1


Last Updated: 27 May 2016 11:00:02