Lucene search

K
cve[email protected]CVE-2010-1402
HistoryJun 11, 2010 - 6:00 p.m.

CVE-2010-1402

2010-06-1118:00:00
CWE-399
web.nvd.nist.gov
30
cve-2010-1402
webkit
apple safari
mac os x
windows
remote code execution
denial of service
svg
event listener
nvd

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.336 Low

EPSS

Percentile

97.0%

Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to an event listener in an SVG document, related to duplicate event listeners, a timer, and an AnimateTransform object.

References

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.336 Low

EPSS

Percentile

97.0%