WebKit, as used in Apple iTunes before 10.2 on Windows and Apple iOS, does not properly implement the .sort function for JavaScript arrays, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2011-03-03T19:00:00
Updated: 2024-08-06T21:43:15.303Z
Reserved: 2010-12-23T00:00:00
Link: CVE-2011-0154
Vulnrichment
No data.
NVD
Status : Modified
Published: 2011-03-03T20:00:02.410
Modified: 2024-11-21T01:23:26.073
Link: CVE-2011-0154
Redhat
No data.