CVE-2011-0195

CVSS v2.0 4.3 (Medium)

EPSS 0.42 % (75^th)

Affected Products 1

The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202.

Weaknesses

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

Related CVEs

CVE-2011-1202

CVE Status: PUBLISHED
CNA: Apple Inc.
Published Date: 2011-04-15 19:55:00
(13 years ago)
Updated Date: 2011-07-23 02:39:11
(13 years ago)

Affected Products

Apple

Iphone Os

Configuration #1

		CPE23	From	Up To
	Apple Iphone Os 4.3.0	cpe:2.3:o:apple:iphone_os:4.3.0
	Apple Iphone Os 4.3.1	cpe:2.3:o:apple:iphone_os:4.3.1