CVE-2011-0259

CoreFoundation, as used in Apple iTunes before 10.5, does not properly perform string tokenization, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.6 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:C/I:C/A:C
appleCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
VendorProductVersion
appleitunes
𝑥
≤ 10.4.1
appleitunes
4.0.0
appleitunes
4.0.1
appleitunes
4.1.0
appleitunes
4.2.0
appleitunes
4.5
appleitunes
4.5.0
appleitunes
4.6
appleitunes
4.6.0
appleitunes
4.7
appleitunes
4.7.0
appleitunes
4.7.1
appleitunes
4.7.2
appleitunes
4.8.0
appleitunes
4.9.0
appleitunes
5.0
appleitunes
5.0.0
appleitunes
5.0.1
appleitunes
6.0.0
appleitunes
6.0.1
appleitunes
6.0.2
appleitunes
6.0.3
appleitunes
6.0.4
appleitunes
6.0.4.2
appleitunes
6.0.5
appleitunes
7.0.0
appleitunes
7.0.1
appleitunes
7.0.2
appleitunes
7.1.0
appleitunes
7.1.1
appleitunes
7.2.0
appleitunes
7.3.0
appleitunes
7.3.1
appleitunes
7.3.2
appleitunes
7.4
appleitunes
7.4.0
appleitunes
7.4.1
appleitunes
7.4.2
appleitunes
7.4.3
appleitunes
7.5
appleitunes
7.5.0
appleitunes
7.6
appleitunes
7.6.0
appleitunes
7.6.1
appleitunes
7.6.2
appleitunes
7.7
appleitunes
7.7.0
appleitunes
7.7.1
appleitunes
8.0.0
appleitunes
8.0.1
appleitunes
8.0.2
appleitunes
8.1
appleitunes
8.1.1
appleitunes
8.2
appleitunes
8.2.1
appleitunes
9.0.0
appleitunes
9.0.1
appleitunes
9.0.2
appleitunes
9.0.3
appleitunes
9.2
appleitunes
9.2.1
appleitunes
10.0
appleitunes
10.0.1
appleitunes
10.1
appleitunes
10.1.1
appleitunes
10.1.2
appleitunes
10.2
appleitunes
10.3
appleitunes
10.3.1
appleitunes
10.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
http://support.apple.com/kb/HT4981
http://support.apple.com/kb/HT4999
http://support.apple.com/kb/HT5002
http://www.securityfocus.com/bid/50067
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16919
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
http://support.apple.com/kb/HT4981
http://support.apple.com/kb/HT4999
http://support.apple.com/kb/HT5002
http://www.securityfocus.com/bid/50067
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16919