CVE-2010-0050

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*

History

03 Feb 2024, 02:24

Type Values Removed Values Added
CVSS v2 : 9.3
v3 : unknown
v2 : 9.3
v3 : 8.8
First Time Apple iphone Os
Canonical
Canonical ubuntu Linux
Fedoraproject fedora
Opensuse opensuse
Fedoraproject
Opensuse
CPE cpe:2.3:a:apple:safari:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:4.0.0b:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*
CWE CWE-399 CWE-416
References (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html - (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041436.html - Mailing List
References (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html - (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041432.html - Mailing List
References (SECUNIA) http://secunia.com/advisories/41856 - (SECUNIA) http://secunia.com/advisories/41856 - Broken Link
References (VUPEN) http://www.vupen.com/english/advisories/2011/0552 - (VUPEN) http://www.vupen.com/english/advisories/2011/0552 - Broken Link
References (BID) http://www.securityfocus.com/bid/38671 - Patch (BID) http://www.securityfocus.com/bid/38671 - Broken Link, Patch, Third Party Advisory, VDB Entry
References (APPLE) http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html - (APPLE) http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html - Mailing List
References (APPLE) http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html - Vendor Advisory (APPLE) http://lists.apple.com/archives/security-announce/2010/Mar/msg00000.html - Mailing List, Vendor Advisory
References (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7587 - (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7587 - Broken Link
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/56836 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/56836 - Third Party Advisory, VDB Entry
References (SECUNIA) http://secunia.com/advisories/43068 - (SECUNIA) http://secunia.com/advisories/43068 - Broken Link
References (CONFIRM) http://support.apple.com/kb/HT4225 - (CONFIRM) http://support.apple.com/kb/HT4225 - Vendor Advisory
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html - Mailing List
References (VUPEN) http://www.vupen.com/english/advisories/2011/0212 - (VUPEN) http://www.vupen.com/english/advisories/2011/0212 - Broken Link
References (SECTRACK) http://www.securitytracker.com/id?1023708 - (SECTRACK) http://www.securitytracker.com/id?1023708 - Broken Link, Third Party Advisory, VDB Entry
References (VUPEN) http://www.vupen.com/english/advisories/2010/2722 - (VUPEN) http://www.vupen.com/english/advisories/2010/2722 - Broken Link
References (UBUNTU) http://www.ubuntu.com/usn/USN-1006-1 - (UBUNTU) http://www.ubuntu.com/usn/USN-1006-1 - Third Party Advisory
References (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 - (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 - Broken Link
References (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html - (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041383.html - Mailing List

Information

Published : 2010-03-15 14:15

Updated : 2024-02-28 11:41


NVD link : CVE-2010-0050

Mitre link : CVE-2010-0050

CVE.ORG link : CVE-2010-0050


JSON object : View

Products Affected

canonical

  • ubuntu_linux

apple

  • iphone_os
  • safari

fedoraproject

  • fedora

opensuse

  • opensuse
CWE
CWE-416

Use After Free