VDB
CVE-2011-1344
CVE-2011-1344
PUBLISHED
Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 (CDMA); and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag, related to text nodes, as demonstrated by Chaouki Bekrar during a Pwn2Own competition at CanSecWest 2011.
EPSS 5.32% · 90.2th percentile
Risk Scores
EPSS Score
5.32%
90.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | qtwebkit-source | 0, 2.3.2-0ubuntu10, 2.3.2-0ubuntu11 |
Exploit Intelligence
- 44151 (circl)
- 20110415 VUPEN Security Research - Apple Safari Text Nodes Remote Use-after-free Vulnerability (CVE-2011-1344) (circl)
- http://twitter.com/aaronportnoy/statuses/45632544967901187 (circl)
- 46822 (circl)
- http://support.apple.com/kb/HT4596 (circl)
- APPLE-SA-2011-04-14-3 (circl)
- 1025363 (circl)
- APPLE-SA-2011-04-14-2 (circl)
- http://www.zerodayinitiative.com/advisories/ZDI-11-135 (circl)
- ADV-2011-0984 (circl)
…and 8 more exploits
Timeline
- Mar 10, 2011 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2011-1344 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2011-1344 third-party-advisory