Vulnerability Details : CVE-2013-0997
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1.
Vulnerability category: Memory CorruptionExecute codeDenial of service
Products affected by CVE-2013-0997
- cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:4.7:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:4.7.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:4.5:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:4.6:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:6.0.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:6.0.2:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.0.2:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:4.0.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:5.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:5.0.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:6.0.3:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:6.0.4:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.7:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.4:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.4.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.4.2:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.4.3:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.3.2:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.6:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.6.2:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:6.0.5:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.5:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.6.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:4.5.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:6.0.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.0.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.3.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:4.8.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:5.0.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.1.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.6.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.7.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:4.0.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:4.1.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:4.6.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.0.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.3.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.2.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.4.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.7.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:4.2.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:4.7.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:4.7.2:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:4.9.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.1.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:7.5.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:8.0.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:8.0.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:9.0.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:9.0.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:9.0.2:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:9.1.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:9.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:9.0.3:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:9.2:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:9.2.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.1.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.0:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.0.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.4:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.1.2:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.2:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.3:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.3.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.5.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.5.2:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.4.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.5:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.4.0.80:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.1.1.4:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.5.1.42:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.4.1.10:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.2.2.12:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.5.3:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.6:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.6.1:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
- cpe:2.3:a:apple:itunes:10.6.3:*:*:*:*:*:*:*When used together with: Microsoft » Windows Vista
Exploit prediction scoring system (EPSS) score for CVE-2013-0997
1.35%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 86 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-0997
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
CWE ids for CVE-2013-0997
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-0997
-
http://support.apple.com/kb/HT5934
About the security content of iOS 7 - Apple Support
-
http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html
Apple - Lists.apple.com
-
http://support.apple.com/kb/HT5766
About the security content of iTunes 11.0.3 - Apple SupportVendor Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17466
Repository / Oval Repository
-
http://support.apple.com/kb/HT5785
About the security content of Safari 6.0.5 - Apple Support
-
http://lists.apple.com/archives/security-announce/2013/May/msg00000.html
Apple - Lists.apple.comVendor Advisory
-
http://support.apple.com/kb/HT5921
About the security content of Safari 5.1.10 - Apple Support
-
http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html
Apple - Lists.apple.com
-
http://lists.apple.com/archives/security-announce/2013/Sep/msg00003.html
Apple - Lists.apple.com
Jump to