Details of VAR-201207-0075

ID

VAR-201207-0075

CVE

CVE-2012-3634

TITLE

plural Apple Used in products WebKit Vulnerabilities in arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2012-003352

DESCRIPTION

WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. WebKit is prone to multiple unspecified remote code-execution vulnerabilities. Attackers can exploit these issues by performing a man-in-the-middle attack. Successful attacks will result in arbitrary code execution; failed attacks may cause denial-of-service conditions. Note: This issue was previously discussed in BID 54669 (Apple Safari Prior to 6.0 Multiple Security Vulnerabilities), but has been given its own record to better document it. Apple Apple Safari is a web browser developed by Apple (Apple), and is the default browser included with Mac OS X and iOS operating systems. Vulnerabilities exist in using WebKit in versions prior to Apple Safari 6.0

Trust: 1.98

sources: NVD: CVE-2012-3634 // JVNDB: JVNDB-2012-003352 // BID: 54680 // VULHUB: VHN-56915

AFFECTED PRODUCTS

vendor:	apple	model:	safari	scope:	eq	version:	5.0.4	Trust: 1.9
vendor:	apple	model:	safari	scope:	eq	version:	3.1.2b	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	3.2.1	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	4.0.3	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	3.1.1b	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	3.0.1	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	3.2.0b	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	3.2.1b	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	2.0.3	Trust: 1.6
vendor:	apple	model:	safari	scope:	eq	version:	5.0.6	Trust: 1.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.4	Trust: 1.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.1	Trust: 1.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1	Trust: 1.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.5	Trust: 1.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.2	Trust: 1.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.1	Trust: 1.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0	Trust: 1.3
vendor:	apple	model:	safari	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.3.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.0.3b	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.2.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.0.3	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.2.2b	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.2.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	4.1.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.0.1b	Trust: 1.0
vendor:	apple	model:	safari	scope:	lte	version:	5.1.7	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.2.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.1.0b	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.1.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.0.2b	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	5.1.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.1.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.2.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	4.0.5	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	2.0.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.1.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	4.0.4	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.3	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	4.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	5.1.3	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.2.5	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.2.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	5.1.5	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	2.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.0.0b	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.0.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.1.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	4.0.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.0.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.2.4	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.0.0b1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	4.0.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.0b1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.0.4	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	4.1.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	4.0.0b	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	5.1.6	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	4.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	2.0.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	2.0.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.0.0b2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	3.0.4b	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.2.3	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.2	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.3.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.1.1	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	1.3.0	Trust: 1.0
vendor:	apple	model:	safari	scope:	eq	version:	2.0.4	Trust: 1.0
vendor:	apple	model:	ios	scope:	lt	version:	6 (ipad 2 or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	6 (iphone 3gs or later )	Trust: 0.8
vendor:	apple	model:	ios	scope:	lt	version:	6 (ipod touch no. 4 after generation )	Trust: 0.8
vendor:	apple	model:	itunes	scope:	lt	version:	10.7	Trust: 0.8
vendor:	apple	model:	safari	scope:	lt	version:	6.0 (mac os)	Trust: 0.8
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	1.2.5	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	1.2.3	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	1.2.2	Trust: 0.3
vendor:	webkit	model:	open source project webkit r82222	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit r77705	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit r52833	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit r52401	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit r51295	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit r38566	scope:	-	version:	-	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	1.2.x	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	1.2.2-1	Trust: 0.3
vendor:	webkit	model:	open source project webkit	scope:	eq	version:	0	Trust: 0.3
vendor:	ubuntu	model:	linux lts i386	scope:	eq	version:	12.04	Trust: 0.3
vendor:	ubuntu	model:	linux lts amd64	scope:	eq	version:	12.04	Trust: 0.3
vendor:	apple	model:	safari for windows	scope:	eq	version:	5.1.7	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.1.7	Trust: 0.3
vendor:	apple	model:	safari for windows	scope:	eq	version:	5.1.5	Trust: 0.3
vendor:	apple	model:	safari for windows	scope:	eq	version:	5.1.4	Trust: 0.3
vendor:	apple	model:	safari for windows	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	safari for windows	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	safari for windows	scope:	eq	version:	5.0.6	Trust: 0.3
vendor:	apple	model:	safari for windows	scope:	eq	version:	5.0.5	Trust: 0.3
vendor:	apple	model:	safari for windows	scope:	eq	version:	5.0.4	Trust: 0.3
vendor:	apple	model:	safari for windows	scope:	eq	version:	5.0.3	Trust: 0.3
vendor:	apple	model:	safari	scope:	eq	version:	5.0.3	Trust: 0.3
vendor:	apple	model:	safari for windows	scope:	eq	version:	5.0.2	Trust: 0.3
vendor:	apple	model:	safari for windows	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	safari for windows	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.6	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.5	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.2.2	Trust: 0.3
vendor:	apple	model:	itunes	scope:	eq	version:	10.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3.5	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.3	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.4	Trust: 0.3

sources: BID: 54680 // JVNDB: JVNDB-2012-003352 // CNNVD: CNNVD-201207-496 // NVD: CVE-2012-3634

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-3634
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-3634
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201207-496
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-56915
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-3634
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-56915
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-56915 // JVNDB: JVNDB-2012-003352 // CNNVD: CNNVD-201207-496 // NVD: CVE-2012-3634

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-56915 // JVNDB: JVNDB-2012-003352 // NVD: CVE-2012-3634

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201207-496

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201207-496

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-003352

PATCH

title:	APPLE-SA-2012-07-25-1	url:	http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html	Trust: 0.8
title:	HT5485	url:	http://support.apple.com/kb/HT5485	Trust: 0.8
title:	HT5503	url:	http://support.apple.com/kb/HT5503	Trust: 0.8
title:	HT5400	url:	http://support.apple.com/kb/HT5400	Trust: 0.8
title:	HT5400	url:	http://support.apple.com/kb/HT5400?viewlocale=ja_JP	Trust: 0.8
title:	HT5485	url:	http://support.apple.com/kb/HT5485?viewlocale=ja_JP	Trust: 0.8
title:	HT5503	url:	http://support.apple.com/kb/HT5503?viewlocale=ja_JP	Trust: 0.8

sources: JVNDB: JVNDB-2012-003352

EXTERNAL IDS

db:	NVD	id:	CVE-2012-3634	Trust: 2.8
db:	JVNDB	id:	JVNDB-2012-003352	Trust: 0.8
db:	CNNVD	id:	CNNVD-201207-496	Trust: 0.7
db:	APPLE	id:	APPLE-SA-2012-07-25-1	Trust: 0.6
db:	NSFOCUS	id:	20163	Trust: 0.6
db:	NSFOCUS	id:	20147	Trust: 0.6
db:	BID	id:	54680	Trust: 0.3
db:	VULHUB	id:	VHN-56915	Trust: 0.1

sources: VULHUB: VHN-56915 // BID: 54680 // JVNDB: JVNDB-2012-003352 // CNNVD: CNNVD-201207-496 // NVD: CVE-2012-3634

REFERENCES

url:	http://lists.apple.com/archives/security-announce/2012/jul/msg00000.html	Trust: 1.7
url:	http://support.apple.com/kb/ht5400	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2012/sep/msg00001.html	Trust: 1.1
url:	http://lists.apple.com/archives/security-announce/2012/sep/msg00003.html	Trust: 1.1
url:	http://support.apple.com/kb/ht5485	Trust: 1.1
url:	http://support.apple.com/kb/ht5503	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3634	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu864819	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu624491/index.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3634	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/20163	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/20147	Trust: 0.6
url:	http://www.apple.com/safari/download/	Trust: 0.3
url:	http://www.webkit.org/	Trust: 0.3

sources: VULHUB: VHN-56915 // BID: 54680 // JVNDB: JVNDB-2012-003352 // CNNVD: CNNVD-201207-496 // NVD: CVE-2012-3634

CREDITS

Dave Mandelin of Mozilla, Martin Barbella of the Google Chrome Security Team using AddressSanitizer, Jose A. Vazquez of spa-s3c.blogspot.com working with iDefense VCP, Skylined of the Google Chrome Security Team, Apple Product Security, miaubiz, Martin Bar

Trust: 0.3

sources: BID: 54680

SOURCES

db:	VULHUB	id:	VHN-56915
db:	BID	id:	54680
db:	JVNDB	id:	JVNDB-2012-003352
db:	CNNVD	id:	CNNVD-201207-496
db:	NVD	id:	CVE-2012-3634

LAST UPDATE DATE

2025-04-11T21:13:45.310000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-56915	date:	2012-09-22T00:00:00
db:	BID	id:	54680	date:	2012-10-25T18:40:00
db:	JVNDB	id:	JVNDB-2012-003352	date:	2012-10-16T00:00:00
db:	CNNVD	id:	CNNVD-201207-496	date:	2012-07-26T00:00:00
db:	NVD	id:	CVE-2012-3634	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-56915	date:	2012-07-25T00:00:00
db:	BID	id:	54680	date:	2012-07-25T00:00:00
db:	JVNDB	id:	JVNDB-2012-003352	date:	2012-07-27T00:00:00
db:	CNNVD	id:	CNNVD-201207-496	date:	2012-07-26T00:00:00
db:	NVD	id:	CVE-2012-3634	date:	2012-07-25T20:55:03.353