CVE-2011-3238

Priority
Negligible
Description
WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle
attackers to execute arbitrary code or cause a denial of service (memory
corruption and application crash) via vectors related to iTunes Store
browsing, a different vulnerability than other CVEs listed in
APPLE-SA-2011-10-11-1.
References
Notes
jdstrand> qt4-x11 unmaintained upstream (see README.webkit for details)
sbeattie> iTunes Store specific?
jdstrand> marking chromium-browser as fixed since it has 22+ on all releases
and they sync with upstream webkit every few weeks
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 14.10 (Utopic Unicorn):DNE
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu 14.10 (Utopic Unicorn):needs-triage
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu 14.10 (Utopic Unicorn):needs-triage
Package
Upstream:released
Ubuntu 10.04 LTS (Lucid Lynx):released
Ubuntu 12.04 LTS (Precise Pangolin):released
Ubuntu 14.04 LTS (Trusty Tahr):released
Ubuntu 14.10 (Utopic Unicorn):released
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):ignored (see notes)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (webkit isn't built)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (webkit isn't built)
Ubuntu 14.10 (Utopic Unicorn):not-affected (webkit isn't built)
More Information

Valid XHTML 1.0 Strict

Updated: 2014-10-23 21:15:23 UTC (commit 8644)