Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2011-3218

Disclosure Date: October 14, 2011
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The “Save for Web” selection in QuickTime Player in Apple Mac OS X through 10.6.8 exports HTML documents that contain an http link to a script file, which allows man-in-the-middle attackers to conduct cross-site scripting (XSS) attacks by spoofing the http server during local viewing of an exported document.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Technical Analysis